From bb0ba223c5950aeb5ac111b210dd7f110cec51df Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Fri, 14 Dec 2018 14:44:46 -0800 Subject: [PATCH 01/11] renaming Signed-off-by: Shriram Rajagopalan --- mesh/v1alpha1/config.pb.go | 437 +++--------------- mesh/v1alpha1/config.proto | 33 +- mesh/v1alpha1/istio.mesh.v1alpha1.pb.html | 82 +--- networking/v1alpha3/destination_rule.pb.go | 170 +++---- networking/v1alpha3/destination_rule.proto | 2 +- networking/v1alpha3/service_entry.pb.go | 68 +-- networking/v1alpha3/service_entry.proto | 2 +- ...service_dependency.pb.go => sidecar.pb.go} | 180 ++++---- ...service_dependency.proto => sidecar.proto} | 0 networking/v1alpha3/virtual_service.pb.go | 230 ++++----- networking/v1alpha3/virtual_service.proto | 2 +- proto.lock | 179 +++---- python/istio_api/mesh/v1alpha1/config_pb2.py | 109 +---- .../v1alpha3/destination_rule_pb2.py | 72 +-- .../networking/v1alpha3/service_entry_pb2.py | 32 +- ...rvice_dependency_pb2.py => sidecar_pb2.py} | 34 +- .../v1alpha3/virtual_service_pb2.py | 140 +++--- 17 files changed, 630 insertions(+), 1142 deletions(-) rename networking/v1alpha3/{service_dependency.pb.go => sidecar.pb.go} (79%) rename networking/v1alpha3/{service_dependency.proto => sidecar.proto} (100%) rename python/istio_api/networking/v1alpha3/{service_dependency_pb2.py => sidecar_pb2.py} (85%) diff --git a/mesh/v1alpha1/config.pb.go b/mesh/v1alpha1/config.pb.go index 32a1caa43b..0648b45242 100644 --- a/mesh/v1alpha1/config.pb.go +++ b/mesh/v1alpha1/config.pb.go @@ -152,34 +152,6 @@ func (MeshConfig_OutboundTrafficPolicy_Mode) EnumDescriptor() ([]byte, []int) { return fileDescriptorConfig, []int{0, 0, 0} } -type MeshConfig_DefaultServiceDependency_Mode int32 - -const ( - // Configure routes to services in all namespaces, i.e. import - // services from all namespaces. - MeshConfig_DefaultServiceDependency_ALL_NAMESPACES MeshConfig_DefaultServiceDependency_Mode = 0 - // Only configure routes to services that are in the same namespace - // as the workload as well as services in namespaces specified in - // importNamespaces. - MeshConfig_DefaultServiceDependency_SAME_NAMESPACE MeshConfig_DefaultServiceDependency_Mode = 1 -) - -var MeshConfig_DefaultServiceDependency_Mode_name = map[int32]string{ - 0: "ALL_NAMESPACES", - 1: "SAME_NAMESPACE", -} -var MeshConfig_DefaultServiceDependency_Mode_value = map[string]int32{ - "ALL_NAMESPACES": 0, - "SAME_NAMESPACE": 1, -} - -func (x MeshConfig_DefaultServiceDependency_Mode) String() string { - return proto.EnumName(MeshConfig_DefaultServiceDependency_Mode_name, int32(x)) -} -func (MeshConfig_DefaultServiceDependency_Mode) EnumDescriptor() ([]byte, []int) { - return fileDescriptorConfig, []int{0, 1, 0} -} - // MeshConfig defines mesh-wide variables shared by all Envoy instances in the // Istio service mesh. // @@ -287,12 +259,6 @@ type MeshConfig struct { // Refer to https://github.com/spiffe/spiffe/blob/master/standards/SPIFFE-ID.md#21-trust-domain // Fallback to old identity format(without trust domain) if not set. TrustDomain string `protobuf:"bytes,26,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"` - // The default service dependency setting associated with every workload - // in the mesh. Pilot will program the routes in the sidecars and - // gateways accordingly. If omitted, sidecars will be configured to reach - // every service in the mesh. The default scope can be overriden by - // supplying a ServiceDependency resource per namespace. - DefaultServiceDependency *MeshConfig_DefaultServiceDependency `protobuf:"bytes,29,opt,name=default_service_dependency,json=defaultServiceDependency" json:"default_service_dependency,omitempty"` } func (m *MeshConfig) Reset() { *m = MeshConfig{} } @@ -489,13 +455,6 @@ func (m *MeshConfig) GetTrustDomain() string { return "" } -func (m *MeshConfig) GetDefaultServiceDependency() *MeshConfig_DefaultServiceDependency { - if m != nil { - return m.DefaultServiceDependency - } - return nil -} - type MeshConfig_OutboundTrafficPolicy struct { Mode MeshConfig_OutboundTrafficPolicy_Mode `protobuf:"varint,1,opt,name=mode,proto3,enum=istio.mesh.v1alpha1.MeshConfig_OutboundTrafficPolicy_Mode" json:"mode,omitempty"` } @@ -514,41 +473,6 @@ func (m *MeshConfig_OutboundTrafficPolicy) GetMode() MeshConfig_OutboundTrafficP return MeshConfig_OutboundTrafficPolicy_REGISTRY_ONLY } -// Default service dependency settings for each workload in the -// mesh. ServiceDependencycontrols the reachability of workloads to other -// services in the mesh. -type MeshConfig_DefaultServiceDependency struct { - // REQUIRED: The default import setting for every workload in the mesh. - ImportMode MeshConfig_DefaultServiceDependency_Mode `protobuf:"varint,1,opt,name=import_mode,json=importMode,proto3,enum=istio.mesh.v1alpha1.MeshConfig_DefaultServiceDependency_Mode" json:"import_mode,omitempty"` - // Specifies one or more namespaces that should be imported by default - // in all user defined ServiceDependency resources in addition to the - // namespaces explicitly specified by the end user. Use this setting to - // automatically import services/resources from namespaces such as - // istio-system that all workloads in the mesh depend upon. - ImportNamespaces []string `protobuf:"bytes,2,rep,name=import_namespaces,json=importNamespaces" json:"import_namespaces,omitempty"` -} - -func (m *MeshConfig_DefaultServiceDependency) Reset() { *m = MeshConfig_DefaultServiceDependency{} } -func (m *MeshConfig_DefaultServiceDependency) String() string { return proto.CompactTextString(m) } -func (*MeshConfig_DefaultServiceDependency) ProtoMessage() {} -func (*MeshConfig_DefaultServiceDependency) Descriptor() ([]byte, []int) { - return fileDescriptorConfig, []int{0, 1} -} - -func (m *MeshConfig_DefaultServiceDependency) GetImportMode() MeshConfig_DefaultServiceDependency_Mode { - if m != nil { - return m.ImportMode - } - return MeshConfig_DefaultServiceDependency_ALL_NAMESPACES -} - -func (m *MeshConfig_DefaultServiceDependency) GetImportNamespaces() []string { - if m != nil { - return m.ImportNamespaces - } - return nil -} - // ConfigSource describes information about a configuration store inside a // mesh. A single control plane instance can interact with one or more data // sources. @@ -585,13 +509,11 @@ func (m *ConfigSource) GetTlsSettings() *istio_networking_v1alpha32.TLSSettings func init() { proto.RegisterType((*MeshConfig)(nil), "istio.mesh.v1alpha1.MeshConfig") proto.RegisterType((*MeshConfig_OutboundTrafficPolicy)(nil), "istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy") - proto.RegisterType((*MeshConfig_DefaultServiceDependency)(nil), "istio.mesh.v1alpha1.MeshConfig.DefaultServiceDependency") proto.RegisterType((*ConfigSource)(nil), "istio.mesh.v1alpha1.ConfigSource") proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_IngressControllerMode", MeshConfig_IngressControllerMode_name, MeshConfig_IngressControllerMode_value) proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_AuthPolicy", MeshConfig_AuthPolicy_name, MeshConfig_AuthPolicy_value) proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_AccessLogEncoding", MeshConfig_AccessLogEncoding_name, MeshConfig_AccessLogEncoding_value) proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_OutboundTrafficPolicy_Mode", MeshConfig_OutboundTrafficPolicy_Mode_name, MeshConfig_OutboundTrafficPolicy_Mode_value) - proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_DefaultServiceDependency_Mode", MeshConfig_DefaultServiceDependency_Mode_name, MeshConfig_DefaultServiceDependency_Mode_value) } func (m *MeshConfig) Marshal() (dAtA []byte, err error) { size := m.Size() @@ -833,18 +755,6 @@ func (m *MeshConfig) MarshalTo(dAtA []byte) (int, error) { } i += n6 } - if m.DefaultServiceDependency != nil { - dAtA[i] = 0xea - i++ - dAtA[i] = 0x1 - i++ - i = encodeVarintConfig(dAtA, i, uint64(m.DefaultServiceDependency.Size())) - n7, err := m.DefaultServiceDependency.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n7 - } if m.SdsUseK8SSaJwt { dAtA[i] = 0xf0 i++ @@ -883,44 +793,6 @@ func (m *MeshConfig_OutboundTrafficPolicy) MarshalTo(dAtA []byte) (int, error) { return i, nil } -func (m *MeshConfig_DefaultServiceDependency) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *MeshConfig_DefaultServiceDependency) MarshalTo(dAtA []byte) (int, error) { - var i int - _ = i - var l int - _ = l - if m.ImportMode != 0 { - dAtA[i] = 0x8 - i++ - i = encodeVarintConfig(dAtA, i, uint64(m.ImportMode)) - } - if len(m.ImportNamespaces) > 0 { - for _, s := range m.ImportNamespaces { - dAtA[i] = 0x12 - i++ - l = len(s) - for l >= 1<<7 { - dAtA[i] = uint8(uint64(l)&0x7f | 0x80) - l >>= 7 - i++ - } - dAtA[i] = uint8(l) - i++ - i += copy(dAtA[i:], s) - } - } - return i, nil -} - func (m *ConfigSource) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -946,11 +818,11 @@ func (m *ConfigSource) MarshalTo(dAtA []byte) (int, error) { dAtA[i] = 0x12 i++ i = encodeVarintConfig(dAtA, i, uint64(m.TlsSettings.Size())) - n8, err := m.TlsSettings.MarshalTo(dAtA[i:]) + n7, err := m.TlsSettings.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n8 + i += n7 } return i, nil } @@ -1063,10 +935,6 @@ func (m *MeshConfig) Size() (n int) { l = m.TcpKeepalive.Size() n += 2 + l + sovConfig(uint64(l)) } - if m.DefaultServiceDependency != nil { - l = m.DefaultServiceDependency.Size() - n += 2 + l + sovConfig(uint64(l)) - } if m.SdsUseK8SSaJwt { n += 3 } @@ -1082,21 +950,6 @@ func (m *MeshConfig_OutboundTrafficPolicy) Size() (n int) { return n } -func (m *MeshConfig_DefaultServiceDependency) Size() (n int) { - var l int - _ = l - if m.ImportMode != 0 { - n += 1 + sovConfig(uint64(m.ImportMode)) - } - if len(m.ImportNamespaces) > 0 { - for _, s := range m.ImportNamespaces { - l = len(s) - n += 1 + l + sovConfig(uint64(l)) - } - } - return n -} - func (m *ConfigSource) Size() (n int) { var l int _ = l @@ -1838,39 +1691,6 @@ func (m *MeshConfig) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex - case 29: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field DefaultServiceDependency", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowConfig - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthConfig - } - postIndex := iNdEx + msglen - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.DefaultServiceDependency == nil { - m.DefaultServiceDependency = &MeshConfig_DefaultServiceDependency{} - } - if err := m.DefaultServiceDependency.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex case 30: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field SdsUseK8SSaJwt", wireType) @@ -1981,104 +1801,6 @@ func (m *MeshConfig_OutboundTrafficPolicy) Unmarshal(dAtA []byte) error { } return nil } -func (m *MeshConfig_DefaultServiceDependency) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowConfig - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: DefaultServiceDependency: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: DefaultServiceDependency: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field ImportMode", wireType) - } - m.ImportMode = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowConfig - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.ImportMode |= (MeshConfig_DefaultServiceDependency_Mode(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ImportNamespaces", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowConfig - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthConfig - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ImportNamespaces = append(m.ImportNamespaces, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipConfig(dAtA[iNdEx:]) - if err != nil { - return err - } - if skippy < 0 { - return ErrInvalidLengthConfig - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} func (m *ConfigSource) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 @@ -2299,85 +2021,78 @@ var ( func init() { proto.RegisterFile("mesh/v1alpha1/config.proto", fileDescriptorConfig) } var fileDescriptorConfig = []byte{ - // 1266 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x72, 0xd3, 0xc6, - 0x17, 0x8f, 0x92, 0x40, 0xc2, 0xf1, 0x47, 0xe4, 0x0d, 0x81, 0xc5, 0xf0, 0xcf, 0xdf, 0xa4, 0x53, - 0xc8, 0xa4, 0x1d, 0x67, 0x48, 0xa6, 0x33, 0xb4, 0x33, 0xbd, 0x30, 0xb6, 0x03, 0x0e, 0x8e, 0xed, - 0x91, 0x14, 0x5a, 0x7a, 0xd1, 0x1d, 0x45, 0x5a, 0xdb, 0xdb, 0xc8, 0x5a, 0x55, 0xbb, 0x0e, 0xe4, - 0x71, 0xfa, 0x1c, 0x7d, 0x81, 0x5e, 0xf6, 0xae, 0xb7, 0x1d, 0x9e, 0xa4, 0xb3, 0xbb, 0x52, 0x6c, - 0xc0, 0x34, 0x1d, 0xee, 0xb4, 0xbf, 0xf3, 0xb5, 0xe7, 0x77, 0x3e, 0x56, 0x50, 0x9d, 0x50, 0x31, - 0xde, 0xbf, 0x78, 0xe2, 0x47, 0xc9, 0xd8, 0x7f, 0xb2, 0x1f, 0xf0, 0x78, 0xc8, 0x46, 0xf5, 0x24, - 0xe5, 0x92, 0xa3, 0x4d, 0x26, 0x24, 0xe3, 0x75, 0xa5, 0x51, 0xcf, 0x35, 0xaa, 0xdb, 0x23, 0xce, - 0x47, 0x11, 0xdd, 0xd7, 0x2a, 0x67, 0xd3, 0xe1, 0x7e, 0x38, 0x4d, 0x7d, 0xc9, 0x78, 0x6c, 0x8c, - 0xaa, 0xf7, 0xde, 0x77, 0x98, 0xa4, 0xfc, 0xed, 0x65, 0x26, 0xda, 0x8b, 0xa9, 0x7c, 0xc3, 0xd3, - 0x73, 0x16, 0x8f, 0x72, 0x85, 0xc3, 0xfd, 0x90, 0x0a, 0xc9, 0x62, 0xed, 0x81, 0xa4, 0xd3, 0x88, - 0x1a, 0xdd, 0x9d, 0xdf, 0x10, 0xc0, 0x09, 0x15, 0xe3, 0xa6, 0xbe, 0x10, 0xfa, 0x1a, 0xd0, 0x84, - 0xbd, 0xa5, 0x29, 0x09, 0xc6, 0x34, 0x38, 0x27, 0x82, 0xa6, 0x17, 0x34, 0xc5, 0x56, 0xcd, 0xda, - 0xbd, 0xe5, 0xd8, 0x5a, 0xd2, 0x54, 0x02, 0x57, 0xe3, 0xa8, 0x0e, 0x9b, 0x46, 0x3b, 0xa5, 0x09, - 0x4f, 0x65, 0xae, 0xbe, 0xac, 0xd5, 0x2b, 0x5a, 0xe4, 0x68, 0x49, 0xa6, 0x7f, 0x00, 0x5b, 0x21, - 0x13, 0xfe, 0x59, 0x44, 0x49, 0xc2, 0x23, 0x16, 0x5c, 0x9a, 0x30, 0x02, 0xaf, 0xd4, 0xac, 0xdd, - 0x75, 0x67, 0x33, 0x13, 0x0e, 0xb4, 0x4c, 0x07, 0x12, 0x68, 0x0f, 0x2a, 0x3a, 0x37, 0x12, 0x31, - 0x21, 0x69, 0x4c, 0x94, 0x3b, 0xbc, 0x5a, 0xb3, 0x76, 0x6f, 0x38, 0x1b, 0x5a, 0xd0, 0xd5, 0xf8, - 0x80, 0xa7, 0x12, 0x3d, 0x02, 0x03, 0x91, 0xb1, 0x94, 0x89, 0xd1, 0xbc, 0xa1, 0x35, 0x4b, 0x1a, - 0x7e, 0x21, 0x65, 0xa2, 0xf5, 0x9e, 0xc1, 0x46, 0xc0, 0xe3, 0x98, 0x06, 0x92, 0x48, 0x36, 0xa1, - 0x7c, 0x2a, 0xf1, 0xcd, 0x9a, 0xb5, 0x5b, 0x38, 0xb8, 0x57, 0x37, 0xac, 0xd7, 0x73, 0xd6, 0xeb, - 0xad, 0x8c, 0x75, 0xa7, 0x9c, 0x59, 0x78, 0xc6, 0x00, 0x7d, 0x01, 0x25, 0x16, 0x8f, 0x52, 0x2a, - 0x04, 0x09, 0x22, 0x5f, 0x08, 0xbc, 0xa6, 0xb3, 0x2e, 0x66, 0x60, 0x53, 0x61, 0xe8, 0x31, 0x6c, - 0xe4, 0x4a, 0x8a, 0x1b, 0x16, 0x50, 0xbc, 0xae, 0xd5, 0xca, 0x19, 0xec, 0x1a, 0x14, 0x4d, 0xe0, - 0xee, 0x95, 0x37, 0x1e, 0xcb, 0x94, 0x47, 0x11, 0x4d, 0xc9, 0x84, 0x87, 0x14, 0xdf, 0xaa, 0x59, - 0xbb, 0xe5, 0x83, 0x6f, 0xea, 0x0b, 0x9a, 0xa4, 0x3e, 0xab, 0x5c, 0xbd, 0x93, 0xc5, 0xbd, 0xb2, - 0x3e, 0xe1, 0x21, 0x75, 0xb6, 0xd8, 0x22, 0x18, 0xf5, 0xa1, 0xe0, 0x4f, 0xe5, 0x38, 0xab, 0x02, - 0x06, 0x1d, 0x62, 0xef, 0xba, 0x10, 0x8d, 0xa9, 0x1c, 0x9b, 0xda, 0x3c, 0x5b, 0xc6, 0x96, 0x03, - 0xfe, 0xd5, 0x19, 0x75, 0xa0, 0x92, 0x86, 0x82, 0xa4, 0x74, 0x98, 0x52, 0x31, 0x26, 0x21, 0x8d, - 0xfc, 0x4b, 0x5c, 0xb8, 0x86, 0x53, 0xed, 0x65, 0x23, 0x0d, 0x85, 0x63, 0xcc, 0x5a, 0xca, 0x0a, - 0x7d, 0x09, 0x65, 0x1a, 0xeb, 0x1e, 0x91, 0xa9, 0x1f, 0xb0, 0x78, 0x84, 0x8b, 0xba, 0x3b, 0x4a, - 0x06, 0xf5, 0x0c, 0xa8, 0x6a, 0xed, 0x07, 0x81, 0x22, 0x2c, 0xe2, 0x23, 0x32, 0x64, 0x11, 0xc5, - 0x25, 0x4d, 0x6d, 0xc9, 0xc0, 0x5d, 0x3e, 0x3a, 0x62, 0x11, 0x45, 0xcf, 0xa1, 0x1c, 0xd2, 0xa1, - 0x3f, 0x8d, 0x24, 0x31, 0x43, 0x87, 0xcb, 0xfa, 0x5a, 0xb5, 0x85, 0xd9, 0x0e, 0x54, 0x9f, 0x98, - 0x74, 0x9d, 0x52, 0x66, 0x97, 0x8d, 0xc6, 0x63, 0x28, 0x99, 0x66, 0xf7, 0xc3, 0x50, 0x51, 0x8a, - 0x6d, 0x15, 0x4e, 0xe7, 0x50, 0xd4, 0x82, 0x86, 0xc1, 0xd1, 0xaf, 0x70, 0x97, 0x4f, 0xe5, 0x19, - 0x9f, 0xc6, 0xa1, 0x4a, 0x61, 0x38, 0x64, 0x41, 0x4e, 0x74, 0x45, 0x87, 0xbe, 0xb6, 0x96, 0xfd, - 0xcc, 0xdc, 0x33, 0xd6, 0x73, 0x9c, 0x6f, 0xf1, 0x45, 0x22, 0xd4, 0x82, 0xff, 0x67, 0x9c, 0x05, - 0x11, 0xa3, 0xb1, 0x24, 0x82, 0x85, 0xef, 0xcf, 0x18, 0xde, 0xd4, 0x24, 0xde, 0x37, 0x6a, 0x4d, - 0xad, 0xe5, 0xb2, 0x70, 0x7e, 0xd6, 0x50, 0x0d, 0x8a, 0x22, 0x14, 0x64, 0x1a, 0x0a, 0x92, 0xf8, - 0x72, 0x8c, 0x6f, 0x6b, 0x3e, 0x41, 0x84, 0xe2, 0x34, 0x14, 0x03, 0x5f, 0x8e, 0x55, 0x99, 0xc5, - 0x47, 0x65, 0xde, 0xfa, 0x4f, 0x65, 0x16, 0x1f, 0x94, 0xf9, 0x05, 0x94, 0x4d, 0x3d, 0x88, 0xe0, - 0xd3, 0x34, 0xa0, 0x02, 0xdf, 0xa9, 0xad, 0xec, 0x16, 0x0e, 0x1e, 0x2e, 0x24, 0xc7, 0x10, 0xe3, - 0x6a, 0x4d, 0xa7, 0x14, 0xcc, 0x9d, 0x04, 0x3a, 0x84, 0x3b, 0x59, 0xf2, 0xea, 0x6e, 0x92, 0x9f, - 0xd3, 0x98, 0x4c, 0xf8, 0x34, 0x96, 0xf8, 0xae, 0x59, 0x2b, 0x46, 0xea, 0x86, 0xc2, 0x53, 0xb2, - 0x13, 0x25, 0x52, 0x6b, 0x65, 0xbe, 0x7d, 0x78, 0x3a, 0xf1, 0x25, 0xc6, 0x3a, 0xe1, 0x8d, 0x59, - 0x03, 0x69, 0x58, 0x05, 0x98, 0xa7, 0x92, 0x0c, 0x7d, 0x16, 0x11, 0x9e, 0xd0, 0x18, 0xdf, 0x33, - 0x01, 0x92, 0x19, 0x89, 0x47, 0x3e, 0x8b, 0xfa, 0x09, 0x8d, 0xd1, 0x43, 0x28, 0xca, 0x74, 0x2a, - 0x24, 0x09, 0xf9, 0xc4, 0x67, 0x31, 0xae, 0x6a, 0xdf, 0x05, 0x8d, 0xb5, 0x34, 0x84, 0x7c, 0xd8, - 0x9c, 0xbb, 0x03, 0x8d, 0x03, 0x1e, 0xaa, 0x76, 0xbf, 0xaf, 0xa7, 0xf1, 0xc9, 0xb5, 0xd3, 0x98, - 0xdf, 0xb2, 0x9d, 0x19, 0x3a, 0x15, 0xff, 0x43, 0x08, 0x71, 0x28, 0xc9, 0x20, 0x21, 0xe7, 0x94, - 0x26, 0x7e, 0xc4, 0x2e, 0x28, 0x7e, 0xa0, 0x8b, 0x75, 0x9c, 0x39, 0x9f, 0x3d, 0x14, 0x79, 0x88, - 0x43, 0x45, 0xb5, 0xda, 0x73, 0x8c, 0xc7, 0x03, 0xce, 0x23, 0x97, 0x4a, 0xc9, 0xe2, 0x91, 0xa8, - 0x7b, 0xcd, 0xc1, 0xec, 0x3b, 0x48, 0x5e, 0xe6, 0x1e, 0x9d, 0xa2, 0x9c, 0x3b, 0xa1, 0x0b, 0xa8, - 0xe6, 0xe3, 0x96, 0x6d, 0x3c, 0x12, 0xd2, 0x84, 0xc6, 0x21, 0x8d, 0x83, 0x4b, 0xfc, 0x3f, 0x1d, - 0xfd, 0xe9, 0x75, 0xa9, 0xb5, 0x8c, 0x87, 0x6c, 0x39, 0xb6, 0xae, 0xec, 0x1d, 0x1c, 0x7e, 0x42, - 0x82, 0xf6, 0x00, 0xe9, 0xde, 0x15, 0x94, 0x9c, 0x3f, 0x15, 0x44, 0xf8, 0xe4, 0x97, 0x37, 0x12, - 0x6f, 0xeb, 0xfa, 0x94, 0x55, 0x07, 0x0b, 0xfa, 0xf2, 0xa9, 0x70, 0xfd, 0xe3, 0x37, 0xb2, 0xfa, - 0xbb, 0x05, 0x5b, 0x0b, 0x47, 0x0c, 0x39, 0xb0, 0xaa, 0x77, 0xae, 0xa5, 0x4b, 0xf0, 0xdd, 0x67, - 0xcd, 0x69, 0x5d, 0x6d, 0x58, 0xdd, 0xf3, 0xda, 0xd7, 0x4e, 0x0f, 0x56, 0xf5, 0xce, 0xdd, 0x82, - 0x92, 0xd3, 0x7e, 0xde, 0x71, 0x3d, 0xe7, 0x35, 0xe9, 0xf7, 0xba, 0xaf, 0xed, 0xa5, 0xea, 0xf2, - 0xba, 0x85, 0x2a, 0x70, 0xab, 0xd1, 0xed, 0xf6, 0x7f, 0x20, 0x8d, 0xde, 0x6b, 0xdb, 0xd2, 0xd0, - 0x03, 0xb8, 0xfd, 0xaa, 0xe3, 0x78, 0xa7, 0x8d, 0x2e, 0x71, 0xdb, 0xce, 0xab, 0x4e, 0xb3, 0x6d, - 0x0c, 0x96, 0x95, 0xb4, 0xfa, 0x97, 0x05, 0xf8, 0x53, 0x04, 0xa1, 0x9f, 0xa1, 0xc0, 0x26, 0xfa, - 0x2d, 0x9e, 0xcb, 0xe3, 0xfb, 0xcf, 0xe5, 0x5b, 0xa7, 0xe2, 0x80, 0xf1, 0xa8, 0x93, 0xf8, 0x0a, - 0x2a, 0x99, 0xff, 0xd8, 0x9f, 0x50, 0x91, 0xf8, 0x6a, 0x70, 0x97, 0x6b, 0x2b, 0xea, 0xf7, 0xc0, - 0x08, 0x7a, 0x57, 0xf8, 0x4e, 0x3d, 0xcb, 0x1c, 0x41, 0xb9, 0xd1, 0xed, 0x92, 0x5e, 0xe3, 0xa4, - 0xed, 0x0e, 0x1a, 0xcd, 0xb6, 0x6b, 0x2f, 0x29, 0xcc, 0x6d, 0x9c, 0xb4, 0x67, 0xa0, 0x6d, 0xed, - 0x7c, 0x0b, 0x5b, 0x0b, 0x5f, 0x31, 0xb4, 0x06, 0x2b, 0xfd, 0xa3, 0x23, 0x7b, 0x09, 0x15, 0x60, - 0xad, 0xd5, 0x3e, 0x6a, 0x9c, 0x76, 0x3d, 0xdb, 0x42, 0x00, 0x37, 0x5d, 0xcf, 0xe9, 0x34, 0x3d, - 0x7b, 0x79, 0xe7, 0x11, 0xc0, 0xec, 0x75, 0x42, 0xeb, 0xb0, 0xda, 0xeb, 0xf7, 0xda, 0xf6, 0x12, - 0x2a, 0x03, 0x9c, 0x9c, 0x6a, 0x26, 0xbd, 0xae, 0x6b, 0x5b, 0x3b, 0x8f, 0xa1, 0xf2, 0xd1, 0xdc, - 0x28, 0x75, 0xaf, 0xfd, 0xa3, 0x67, 0x2f, 0xa9, 0xaf, 0x63, 0xb7, 0xdf, 0xb3, 0xad, 0xe3, 0xd5, - 0xf5, 0x0d, 0xdb, 0x3e, 0x5e, 0x5d, 0x47, 0xf6, 0xe6, 0x8e, 0x80, 0xe2, 0xfc, 0xfe, 0x41, 0x18, - 0xd6, 0xf2, 0x37, 0xc0, 0xfc, 0x19, 0xe5, 0x47, 0xd4, 0x81, 0xa2, 0x8c, 0xd4, 0x5b, 0x6f, 0x06, - 0x45, 0xff, 0x09, 0x15, 0x0e, 0x1e, 0xfd, 0xcb, 0xb4, 0x79, 0x5d, 0x37, 0x1f, 0x2b, 0xa7, 0x20, - 0x23, 0x91, 0x1f, 0x9e, 0xed, 0xfe, 0xf1, 0x6e, 0xdb, 0xfa, 0xf3, 0xdd, 0xb6, 0xf5, 0xf7, 0xbb, - 0x6d, 0xeb, 0xa7, 0xaa, 0xf1, 0xc0, 0xf8, 0xbe, 0x9f, 0xb0, 0xfd, 0xf7, 0x7e, 0xfd, 0xce, 0x6e, - 0xea, 0x8d, 0x7b, 0xf8, 0x4f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xfc, 0x5b, 0xd8, 0x2c, 0x63, 0x0a, - 0x00, 0x00, + // 1153 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0xdb, 0x36, + 0x14, 0x8e, 0x52, 0xb7, 0x71, 0xe9, 0x3f, 0x99, 0xa9, 0x5b, 0xd6, 0xed, 0x32, 0x37, 0xc3, 0x5a, + 0x23, 0x18, 0x6c, 0x34, 0xc1, 0x80, 0x6e, 0x77, 0xa9, 0xe3, 0xb4, 0x4e, 0x9d, 0x38, 0x90, 0x94, + 0x6e, 0xdd, 0x0d, 0xa1, 0x48, 0xb4, 0xcd, 0x45, 0x16, 0x35, 0x91, 0xea, 0xcf, 0xb3, 0xed, 0x05, + 0x76, 0xb9, 0x9b, 0xdd, 0x0f, 0x7d, 0x92, 0x81, 0x87, 0x52, 0xe3, 0xb4, 0xc6, 0x32, 0xec, 0xce, + 0xfc, 0xce, 0x77, 0xce, 0x21, 0xbf, 0xf3, 0x23, 0xa3, 0xf6, 0x82, 0xc9, 0x79, 0xff, 0xed, 0x53, + 0x3f, 0x4a, 0xe6, 0xfe, 0xd3, 0x7e, 0x20, 0xe2, 0x29, 0x9f, 0xf5, 0x92, 0x54, 0x28, 0x81, 0x37, + 0xb9, 0x54, 0x5c, 0xf4, 0x34, 0xa3, 0x57, 0x30, 0xda, 0x5b, 0x33, 0x21, 0x66, 0x11, 0xeb, 0x03, + 0xe5, 0x3c, 0x9b, 0xf6, 0xc3, 0x2c, 0xf5, 0x15, 0x17, 0xb1, 0x71, 0x6a, 0xdf, 0xbf, 0x1a, 0x30, + 0x49, 0xc5, 0xfb, 0x0f, 0xb9, 0x69, 0x27, 0x66, 0xea, 0x9d, 0x48, 0x2f, 0x78, 0x3c, 0x2b, 0x08, + 0x7b, 0xfd, 0x90, 0x49, 0xc5, 0x63, 0x88, 0x40, 0xd3, 0x2c, 0x62, 0x86, 0xbb, 0xfd, 0x57, 0x03, + 0xa1, 0x63, 0x26, 0xe7, 0x03, 0xb8, 0x10, 0xfe, 0x0e, 0xe1, 0x05, 0x7f, 0xcf, 0x52, 0x1a, 0xcc, + 0x59, 0x70, 0x41, 0x25, 0x4b, 0xdf, 0xb2, 0x94, 0x58, 0x1d, 0xab, 0x7b, 0xdb, 0xb1, 0xc1, 0x32, + 0xd0, 0x06, 0x17, 0x70, 0xdc, 0x43, 0x9b, 0x86, 0x9d, 0xb2, 0x44, 0xa4, 0xaa, 0xa0, 0xaf, 0x03, + 0xbd, 0x09, 0x26, 0x07, 0x2c, 0x39, 0x7f, 0x17, 0xb5, 0x42, 0x2e, 0xfd, 0xf3, 0x88, 0xd1, 0x44, + 0x44, 0x3c, 0xf8, 0x60, 0xd2, 0x48, 0x72, 0xa3, 0x63, 0x75, 0xcb, 0xce, 0x66, 0x6e, 0x3c, 0x05, + 0x1b, 0x24, 0x92, 0x78, 0x07, 0x35, 0xe1, 0x6d, 0x34, 0xe2, 0x52, 0xb1, 0x98, 0xea, 0x70, 0xa4, + 0xd4, 0xb1, 0xba, 0x37, 0x9d, 0x06, 0x18, 0xc6, 0x80, 0x9f, 0x8a, 0x54, 0xe1, 0xc7, 0xc8, 0x40, + 0x74, 0xae, 0x54, 0x62, 0x98, 0x37, 0x81, 0x59, 0x03, 0xf8, 0xa5, 0x52, 0x09, 0xf0, 0x9e, 0xa3, + 0x46, 0x20, 0xe2, 0x98, 0x05, 0x8a, 0x2a, 0xbe, 0x60, 0x22, 0x53, 0xe4, 0x56, 0xc7, 0xea, 0x56, + 0x76, 0xef, 0xf7, 0x8c, 0xea, 0xbd, 0x42, 0xf5, 0xde, 0x41, 0xae, 0xba, 0x53, 0xcf, 0x3d, 0x3c, + 0xe3, 0x80, 0xbf, 0x41, 0x35, 0x1e, 0xcf, 0x52, 0x26, 0x25, 0x0d, 0x22, 0x5f, 0x4a, 0xb2, 0x01, + 0xaf, 0xae, 0xe6, 0xe0, 0x40, 0x63, 0xf8, 0x09, 0x6a, 0x14, 0x24, 0xad, 0x0d, 0x0f, 0x18, 0x29, + 0x03, 0xad, 0x9e, 0xc3, 0xae, 0x41, 0xf1, 0x02, 0xdd, 0xfb, 0x14, 0x4d, 0xc4, 0x2a, 0x15, 0x51, + 0xc4, 0x52, 0xba, 0x10, 0x21, 0x23, 0xb7, 0x3b, 0x56, 0xb7, 0xbe, 0xfb, 0x7d, 0x6f, 0x45, 0x93, + 0xf4, 0x2e, 0x2b, 0xd7, 0x1b, 0xe5, 0x79, 0x3f, 0x79, 0x1f, 0x8b, 0x90, 0x39, 0x2d, 0xbe, 0x0a, + 0xc6, 0x13, 0x54, 0xf1, 0x33, 0x35, 0xcf, 0xab, 0x40, 0x10, 0xa4, 0xd8, 0xb9, 0x2e, 0xc5, 0x7e, + 0xa6, 0xe6, 0xa6, 0x36, 0xcf, 0xd7, 0x89, 0xe5, 0x20, 0xff, 0xd3, 0x19, 0x8f, 0x50, 0x33, 0x0d, + 0x25, 0x4d, 0xd9, 0x34, 0x65, 0x72, 0x4e, 0x43, 0x16, 0xf9, 0x1f, 0x48, 0xe5, 0x1a, 0x4d, 0x21, + 0x4a, 0x23, 0x0d, 0xa5, 0x63, 0xdc, 0x0e, 0xb4, 0x17, 0xfe, 0x16, 0xd5, 0x59, 0x0c, 0x3d, 0xa2, + 0x52, 0x3f, 0xe0, 0xf1, 0x8c, 0x54, 0xa1, 0x3b, 0x6a, 0x06, 0xf5, 0x0c, 0xa8, 0x6b, 0xed, 0x07, + 0x81, 0x16, 0x2c, 0x12, 0x33, 0x3a, 0xe5, 0x11, 0x23, 0x35, 0x90, 0xb6, 0x66, 0xe0, 0xb1, 0x98, + 0x1d, 0xf2, 0x88, 0xe1, 0x17, 0xa8, 0x1e, 0xb2, 0xa9, 0x9f, 0x45, 0x8a, 0x9a, 0xa1, 0x23, 0x75, + 0xb8, 0x56, 0x67, 0xe5, 0x6b, 0x4f, 0x75, 0x9f, 0x98, 0xe7, 0x3a, 0xb5, 0xdc, 0x2f, 0x1f, 0x8d, + 0x27, 0xa8, 0x66, 0x9a, 0xdd, 0x0f, 0x43, 0x2d, 0x29, 0xb1, 0x75, 0x3a, 0x78, 0x43, 0x15, 0x0c, + 0xfb, 0x06, 0xc7, 0xbf, 0xa1, 0x7b, 0x22, 0x53, 0xe7, 0x22, 0x8b, 0x43, 0xfd, 0x84, 0xe9, 0x94, + 0x07, 0x85, 0xd0, 0x4d, 0x48, 0x7d, 0x6d, 0x2d, 0x27, 0xb9, 0xbb, 0x67, 0xbc, 0x97, 0x34, 0x6f, + 0x89, 0x55, 0x26, 0x7c, 0x80, 0xbe, 0xce, 0x35, 0x0b, 0x22, 0xce, 0x62, 0x45, 0x25, 0x0f, 0xaf, + 0xce, 0x18, 0xd9, 0x04, 0x11, 0x1f, 0x18, 0xda, 0x00, 0x58, 0x2e, 0x0f, 0x97, 0x67, 0x0d, 0x77, + 0x50, 0x55, 0x86, 0x92, 0x66, 0xa1, 0xa4, 0x89, 0xaf, 0xe6, 0xe4, 0x0e, 0xe8, 0x89, 0x64, 0x28, + 0xcf, 0x42, 0x79, 0xea, 0xab, 0xb9, 0x2e, 0xb3, 0xfc, 0xa2, 0xcc, 0xad, 0xff, 0x54, 0x66, 0xf9, + 0x59, 0x99, 0x5f, 0xa2, 0xba, 0xa9, 0x07, 0x95, 0x22, 0x4b, 0x03, 0x26, 0xc9, 0xdd, 0xce, 0x8d, + 0x6e, 0x65, 0xf7, 0xd1, 0x4a, 0x71, 0x8c, 0x30, 0x2e, 0x30, 0x9d, 0x5a, 0xb0, 0x74, 0x92, 0x78, + 0x0f, 0xdd, 0xcd, 0x1f, 0xaf, 0xef, 0xa6, 0xc4, 0x05, 0x8b, 0xe9, 0x42, 0x64, 0xb1, 0x22, 0xf7, + 0xcc, 0x5a, 0x31, 0x56, 0x37, 0x94, 0x9e, 0xb6, 0x1d, 0x6b, 0x93, 0x5e, 0x2b, 0xcb, 0xed, 0x23, + 0xd2, 0x85, 0xaf, 0x08, 0x81, 0x07, 0x37, 0x2e, 0x1b, 0x08, 0x60, 0x9d, 0x60, 0x59, 0x4a, 0x3a, + 0xf5, 0x79, 0x44, 0x45, 0xc2, 0x62, 0x72, 0xdf, 0x24, 0x48, 0x2e, 0x45, 0x3c, 0xf4, 0x79, 0x34, + 0x49, 0x58, 0x8c, 0x1f, 0xa1, 0xaa, 0x4a, 0x33, 0xa9, 0x68, 0x28, 0x16, 0x3e, 0x8f, 0x49, 0x1b, + 0x62, 0x57, 0x00, 0x3b, 0x00, 0x08, 0xfb, 0x68, 0x73, 0xe9, 0x0e, 0x2c, 0x0e, 0x44, 0xa8, 0xdb, + 0xfd, 0x01, 0x4c, 0xe3, 0xd3, 0x6b, 0xa7, 0xb1, 0xb8, 0xe5, 0x30, 0x77, 0x74, 0x9a, 0xfe, 0xe7, + 0x10, 0x16, 0xa8, 0xa6, 0x82, 0x84, 0x5e, 0x30, 0x96, 0xf8, 0x11, 0x7f, 0xcb, 0xc8, 0x43, 0x28, + 0xd6, 0x51, 0x1e, 0xfc, 0xf2, 0x43, 0x51, 0xa4, 0xd8, 0xd3, 0x52, 0xeb, 0x3d, 0xc7, 0x45, 0x7c, + 0x2a, 0x44, 0xe4, 0x32, 0xa5, 0x78, 0x3c, 0x93, 0x3d, 0x6f, 0x70, 0x7a, 0xf9, 0x3b, 0x48, 0x5e, + 0x15, 0x11, 0x9d, 0xaa, 0x5a, 0x3a, 0xe1, 0x1d, 0x84, 0xa1, 0x87, 0x24, 0xa3, 0x17, 0xcf, 0x24, + 0x95, 0x3e, 0xfd, 0xf5, 0x9d, 0x22, 0x5b, 0xa0, 0x53, 0x5d, 0x77, 0x92, 0x64, 0xaf, 0x9e, 0x49, + 0xd7, 0x3f, 0x7a, 0xa7, 0xda, 0xbf, 0x5b, 0xa8, 0xb5, 0xb2, 0xd5, 0xb1, 0x83, 0x4a, 0xb0, 0xfb, + 0x2c, 0x90, 0xe2, 0xc7, 0xff, 0x35, 0x2f, 0x3d, 0xbd, 0xe9, 0xa0, 0xf7, 0x20, 0xd6, 0xf6, 0x09, + 0x2a, 0xc1, 0xee, 0x6b, 0xa1, 0x9a, 0x33, 0x7c, 0x31, 0x72, 0x3d, 0xe7, 0x0d, 0x9d, 0x9c, 0x8c, + 0xdf, 0xd8, 0x6b, 0xed, 0xf5, 0xb2, 0x85, 0x9b, 0xe8, 0xf6, 0xfe, 0x78, 0x3c, 0xf9, 0x89, 0xee, + 0x9f, 0xbc, 0xb1, 0x2d, 0x80, 0x1e, 0xa2, 0x3b, 0xaf, 0x47, 0x8e, 0x77, 0xb6, 0x3f, 0xa6, 0xee, + 0xd0, 0x79, 0x3d, 0x1a, 0x0c, 0x8d, 0xc3, 0xba, 0xb6, 0x6e, 0xff, 0x80, 0x5a, 0x2b, 0x77, 0x2e, + 0xde, 0x40, 0x37, 0x26, 0x87, 0x87, 0xf6, 0x1a, 0xae, 0xa0, 0x8d, 0x83, 0xe1, 0xe1, 0xfe, 0xd9, + 0xd8, 0xb3, 0x2d, 0x8c, 0xd0, 0x2d, 0xd7, 0x73, 0x46, 0x03, 0xcf, 0x5e, 0xdf, 0x7e, 0x8c, 0xd0, + 0xe5, 0x2e, 0xc5, 0x65, 0x54, 0x3a, 0x99, 0x9c, 0x0c, 0xed, 0x35, 0x5c, 0x47, 0xe8, 0xf8, 0x0c, + 0xf2, 0x79, 0x63, 0xd7, 0xb6, 0xb6, 0x9f, 0xa0, 0xe6, 0x17, 0x55, 0xd6, 0x74, 0x6f, 0xf8, 0xb3, + 0x67, 0xaf, 0xe9, 0x5f, 0x47, 0xee, 0xe4, 0xc4, 0xb6, 0x8e, 0x4a, 0xe5, 0x86, 0x6d, 0x1f, 0x95, + 0xca, 0xd8, 0xde, 0x3c, 0x2a, 0x95, 0xbf, 0xb2, 0xb7, 0xb6, 0x25, 0xaa, 0x2e, 0xcf, 0x0c, 0x26, + 0x68, 0xa3, 0xd8, 0x5b, 0xe6, 0x6b, 0x5e, 0x1c, 0xf1, 0x08, 0x55, 0x55, 0xa4, 0xbf, 0x4f, 0xa6, + 0xb8, 0xf0, 0xf5, 0xae, 0xec, 0x3e, 0xfe, 0x97, 0x0e, 0xf1, 0xc6, 0x6e, 0xd1, 0x0a, 0x4e, 0x45, + 0x45, 0xb2, 0x38, 0x3c, 0xef, 0xfe, 0xf1, 0x71, 0xcb, 0xfa, 0xf3, 0xe3, 0x96, 0xf5, 0xf7, 0xc7, + 0x2d, 0xeb, 0x97, 0xb6, 0x89, 0xc0, 0x45, 0xdf, 0x4f, 0x78, 0xff, 0xca, 0xdf, 0x95, 0xf3, 0x5b, + 0xb0, 0x25, 0xf6, 0xfe, 0x09, 0x00, 0x00, 0xff, 0xff, 0xa1, 0x7b, 0x7f, 0xde, 0x17, 0x09, 0x00, + 0x00, } diff --git a/mesh/v1alpha1/config.proto b/mesh/v1alpha1/config.proto index 789141debd..bf2e0c2b30 100644 --- a/mesh/v1alpha1/config.proto +++ b/mesh/v1alpha1/config.proto @@ -209,38 +209,7 @@ message MeshConfig { // Fallback to old identity format(without trust domain) if not set. string trust_domain = 26; - // Default service dependency settings for each workload in the - // mesh. ServiceDependencycontrols the reachability of workloads to other - // services in the mesh. - message DefaultServiceDependency { - enum Mode { - // Configure routes to services in all namespaces, i.e. import - // services from all namespaces. - ALL_NAMESPACES = 0; - - // Only configure routes to services that are in the same namespace - // as the workload as well as services in namespaces specified in - // importNamespaces. - SAME_NAMESPACE = 1; - } - - // REQUIRED: The default import setting for every workload in the mesh. - Mode import_mode = 1; - - // Specifies one or more namespaces that should be imported by default - // in all user defined ServiceDependency resources in addition to the - // namespaces explicitly specified by the end user. Use this setting to - // automatically import services/resources from namespaces such as - // istio-system that all workloads in the mesh depend upon. - repeated string import_namespaces = 2; - } - - // The default service dependency setting associated with every workload - // in the mesh. Pilot will program the routes in the sidecars and - // gateways accordingly. If omitted, sidecars will be configured to reach - // every service in the mesh. The default scope can be overriden by - // supplying a ServiceDependency resource per namespace. - DefaultServiceDependency default_service_dependency = 29; + reserved 29; // $hide_from_docs // Next available field number: 31 diff --git a/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html b/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html index c01ecef561..77ddc649ac 100644 --- a/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html +++ b/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html @@ -4,7 +4,7 @@ generator: protoc-gen-docs aliases: - /docs/reference/config/service-mesh.html -number_of_entries: 18 +number_of_entries: 16 ---

AuthenticationPolicy

@@ -303,18 +303,6 @@

MeshConfig

Refer to https://github.com/spiffe/spiffe/blob/master/standards/SPIFFE-ID.md#21-trust-domain Fallback to old identity format(without trust domain) if not set.

- - - -defaultServiceDependency -MeshConfig.DefaultServiceDependency - -

The default service dependency setting associated with every workload -in the mesh. Pilot will program the routes in the sidecars and -gateways accordingly. If omitted, sidecars will be configured to reach -every service in the mesh. The default scope can be overriden by -supplying a ServiceDependency resource per namespace.

- @@ -338,74 +326,6 @@

MeshConfig.AccessLogEncoding

JSON - - - - -
-

MeshConfig.DefaultServiceDependency

-
-

Default service dependency settings for each workload in the -mesh. ServiceDependencycontrols the reachability of workloads to other -services in the mesh.

- - - - - - - - - - - - - - - - - - - - - -
FieldTypeDescription
importModeMeshConfig.DefaultServiceDependency.Mode -

REQUIRED: The default import setting for every workload in the mesh.

- -
importNamespacesstring[] -

Specifies one or more namespaces that should be imported by default -in all user defined ServiceDependency resources in addition to the -namespaces explicitly specified by the end user. Use this setting to -automatically import services/resources from namespaces such as -istio-system that all workloads in the mesh depend upon.

- -
-
-

MeshConfig.DefaultServiceDependency.Mode

-
- - - - - - - - - - - - - - - diff --git a/networking/v1alpha3/destination_rule.pb.go b/networking/v1alpha3/destination_rule.pb.go index 434926b92d..a6fb51f65c 100644 --- a/networking/v1alpha3/destination_rule.pb.go +++ b/networking/v1alpha3/destination_rule.pb.go @@ -8,8 +8,8 @@ networking/v1alpha3/destination_rule.proto networking/v1alpha3/envoy_filter.proto networking/v1alpha3/gateway.proto - networking/v1alpha3/service_dependency.proto networking/v1alpha3/service_entry.proto + networking/v1alpha3/sidecar.proto networking/v1alpha3/virtual_service.proto It has these top-level messages: @@ -24,8 +24,8 @@ Gateway Server Port - ServiceDependency ServiceEntry + ServiceDependency VirtualService Destination HTTPRoute @@ -4500,94 +4500,94 @@ func init() { } var fileDescriptorDestinationRule = []byte{ - // 1423 bytes of a gzipped FileDescriptorProto + // 1418 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x57, 0xcd, 0x6e, 0x1b, 0xb7, - 0x16, 0xb6, 0x7e, 0x63, 0x1f, 0xd9, 0xb2, 0xcc, 0x6b, 0xe4, 0x2a, 0xba, 0x80, 0xe3, 0x2b, 0x5c, - 0xdc, 0xb8, 0x69, 0x32, 0xaa, 0x1d, 0x14, 0x48, 0x13, 0xa4, 0x88, 0x65, 0x1b, 0x91, 0x1b, 0xd9, + 0x16, 0xb6, 0x7e, 0x63, 0x1f, 0xd9, 0xb2, 0xcc, 0x6b, 0xe4, 0x2a, 0xba, 0x80, 0xe3, 0x08, 0x17, + 0x37, 0xbe, 0x69, 0x33, 0xaa, 0x1d, 0x14, 0x48, 0x13, 0xa4, 0x88, 0x65, 0x1b, 0x91, 0x1b, 0xd9, 0x12, 0x28, 0x19, 0x28, 0xb2, 0x19, 0x50, 0x23, 0x5a, 0x62, 0x3c, 0x1a, 0x4e, 0x49, 0x8e, 0x6a, 0xe7, 0x19, 0xba, 0x0e, 0xba, 0xed, 0xa6, 0xcf, 0x52, 0x74, 0xd5, 0x6d, 0xbb, 0x69, 0x91, 0x17, 0xe8, 0xaa, 0x9b, 0x2e, 0x8a, 0x82, 0x1c, 0xea, 0xc7, 0x89, 0x23, 0xc7, 0x48, 0xb3, 0x23, 0x79, - 0xbe, 0xef, 0x90, 0x3c, 0xe7, 0x9b, 0x73, 0x38, 0x70, 0x3b, 0xa0, 0xea, 0x6b, 0x2e, 0x4e, 0x58, + 0xbe, 0xef, 0x90, 0x3c, 0xe7, 0x9b, 0x73, 0x38, 0x70, 0x27, 0xa0, 0xea, 0x6b, 0x2e, 0x4e, 0x58, 0xd0, 0xab, 0x0c, 0x37, 0x89, 0x1f, 0xf6, 0xc9, 0xbd, 0x4a, 0x97, 0x4a, 0xc5, 0x02, 0xa2, 0x18, 0x0f, 0x5c, 0x11, 0xf9, 0xd4, 0x09, 0x05, 0x57, 0x1c, 0xdd, 0x60, 0x52, 0x31, 0xee, 0x4c, 0x18, 0xce, 0x88, 0x51, 0x5a, 0xeb, 0x71, 0xde, 0xf3, 0x69, 0xc5, 0x00, 0x3b, 0xd1, 0x71, 0xa5, 0x1b, - 0x09, 0xc3, 0x8f, 0xa9, 0xa5, 0x8f, 0x2e, 0xda, 0x66, 0xc8, 0x84, 0x8a, 0x88, 0xef, 0x4a, 0x2a, - 0x86, 0xcc, 0xb3, 0xbb, 0x94, 0xee, 0x5c, 0x04, 0xb5, 0x10, 0xb7, 0x4b, 0x43, 0x1a, 0x74, 0x69, - 0xe0, 0x9d, 0x59, 0xf4, 0x6a, 0x8f, 0xf7, 0xb8, 0x19, 0x56, 0xf4, 0x28, 0x5e, 0x2d, 0xff, 0x95, - 0x80, 0xe5, 0xdd, 0xc9, 0x25, 0x70, 0xe4, 0x53, 0x84, 0x20, 0xdd, 0xe7, 0x52, 0x15, 0x13, 0xeb, - 0x89, 0x8d, 0x05, 0x6c, 0xc6, 0xa8, 0x01, 0x79, 0x25, 0xc8, 0xf1, 0x31, 0xf3, 0xdc, 0x90, 0xfb, - 0xcc, 0x3b, 0x2b, 0x26, 0xd7, 0x13, 0x1b, 0xb9, 0xad, 0x0d, 0xe7, 0xad, 0x57, 0x75, 0xda, 0x31, - 0xa1, 0x69, 0xf0, 0x78, 0x49, 0x4d, 0x4f, 0xd1, 0x43, 0xb8, 0x26, 0xa3, 0x8e, 0xa4, 0x4a, 0x16, - 0x53, 0xeb, 0xa9, 0x8d, 0xdc, 0xd6, 0x7f, 0x67, 0x78, 0x6a, 0x19, 0x24, 0x1e, 0x31, 0xd0, 0x3e, - 0x2c, 0x7a, 0x3c, 0x38, 0x66, 0x3d, 0x57, 0x7a, 0x3c, 0xa4, 0xc5, 0xf4, 0x7a, 0x62, 0x23, 0xbf, - 0xf5, 0xff, 0x19, 0x1e, 0x76, 0x0c, 0xbc, 0xa5, 0xd1, 0x38, 0xe7, 0x4d, 0x26, 0xe5, 0x5f, 0xb2, - 0xb0, 0x74, 0xee, 0xa0, 0xa8, 0x0d, 0x4b, 0x3e, 0x27, 0x5d, 0xb7, 0x43, 0x7c, 0x12, 0x78, 0x54, - 0x98, 0x38, 0xe4, 0xb6, 0x2a, 0x33, 0xbc, 0xd7, 0x39, 0xe9, 0x56, 0x2d, 0xbc, 0x45, 0x95, 0x62, - 0x41, 0x4f, 0xe2, 0x45, 0x7f, 0x6a, 0x15, 0x3d, 0x83, 0x65, 0x8f, 0x07, 0x01, 0xf5, 0x8c, 0x56, - 0x42, 0xce, 0x7d, 0x1b, 0xc1, 0xcd, 0xd9, 0xa7, 0xb6, 0x8c, 0x26, 0xe7, 0xfe, 0xd8, 0x73, 0xde, - 0x3b, 0xb7, 0x8e, 0xbe, 0x84, 0x15, 0x1e, 0x29, 0x9f, 0x51, 0xe1, 0x76, 0xa9, 0x8a, 0x0d, 0xc5, - 0x94, 0xf1, 0xfe, 0xf1, 0x0c, 0xef, 0x8d, 0x98, 0xb3, 0x3b, 0xa2, 0xe0, 0x02, 0x7f, 0x6d, 0x05, - 0xdd, 0x87, 0x94, 0xf2, 0xa5, 0x89, 0x6f, 0x6e, 0x66, 0x7c, 0xdb, 0xf5, 0xd6, 0xf8, 0x78, 0x9a, - 0x82, 0x9e, 0xc3, 0xbf, 0x42, 0x2e, 0x94, 0xeb, 0xd3, 0x21, 0xd5, 0xc2, 0x8d, 0x6d, 0xc5, 0x8c, - 0xc9, 0xf5, 0x83, 0x77, 0x55, 0x8d, 0xd3, 0xe4, 0x42, 0x9d, 0xd7, 0xd1, 0x8a, 0x76, 0x5b, 0xd7, - 0x5e, 0x47, 0x1b, 0x96, 0x5e, 0xa6, 0x60, 0xe5, 0x0d, 0x20, 0x7a, 0x08, 0x69, 0x0d, 0xb5, 0xe9, - 0xbb, 0x35, 0x63, 0x4b, 0xcd, 0x6d, 0x51, 0x9f, 0x7a, 0x8a, 0x0b, 0x6c, 0x48, 0x6f, 0x8a, 0x20, - 0xf9, 0x81, 0x44, 0x90, 0xfa, 0xa0, 0x22, 0x48, 0xff, 0x83, 0x22, 0xc8, 0x5c, 0x59, 0x04, 0xe5, - 0xdf, 0x13, 0x90, 0x8d, 0xbf, 0x5d, 0x5d, 0x54, 0x02, 0x32, 0xa0, 0xa3, 0xa2, 0xa2, 0xc7, 0x68, - 0x0f, 0xb2, 0x3e, 0xe9, 0x50, 0x5f, 0x16, 0x93, 0x46, 0x16, 0x77, 0x2f, 0x2d, 0x01, 0x4e, 0xdd, - 0xe0, 0xf7, 0x02, 0x25, 0xce, 0xb0, 0x25, 0x5f, 0x50, 0x9b, 0x52, 0xef, 0x55, 0x9b, 0x4a, 0x9f, - 0x41, 0x6e, 0x6a, 0x1f, 0x54, 0x80, 0xd4, 0x09, 0x3d, 0xb3, 0x27, 0xd7, 0x43, 0xb4, 0x0a, 0x99, - 0x21, 0xf1, 0x23, 0x6a, 0x54, 0xb1, 0x80, 0xe3, 0xc9, 0x83, 0xe4, 0xfd, 0x44, 0xf9, 0xfb, 0x0c, - 0xac, 0x5e, 0x24, 0x04, 0x84, 0x21, 0x2b, 0xd9, 0x20, 0xf4, 0xe3, 0x08, 0xe4, 0xb7, 0xee, 0x5f, - 0x51, 0x49, 0x4e, 0xcb, 0xb0, 0xeb, 0xd5, 0xda, 0x1c, 0xb6, 0x9e, 0xd0, 0x89, 0x91, 0x93, 0x64, - 0x52, 0xd1, 0x40, 0xb9, 0x7d, 0x22, 0xfb, 0x56, 0xa6, 0x8f, 0xaf, 0xea, 0x7c, 0x67, 0xec, 0xa6, - 0x46, 0x64, 0xdf, 0x6c, 0x92, 0xf7, 0xce, 0xad, 0x95, 0xfe, 0x48, 0x42, 0xe1, 0x75, 0x18, 0xba, - 0x0d, 0x85, 0xbe, 0x52, 0xa1, 0xdb, 0xa7, 0xa4, 0x4b, 0x85, 0x3b, 0xc9, 0xb0, 0x76, 0xa0, 0x2d, - 0x35, 0x63, 0x38, 0xd4, 0xd9, 0x0e, 0x20, 0x67, 0xb0, 0x1e, 0xe7, 0x27, 0x8c, 0xda, 0x93, 0x3e, - 0x7d, 0xdf, 0x93, 0x3a, 0xb5, 0x76, 0xbb, 0xb9, 0x63, 0x5c, 0xd6, 0xe6, 0x30, 0xe8, 0x1d, 0xe2, - 0x19, 0xfa, 0x1f, 0x2c, 0x45, 0x92, 0xba, 0x92, 0x47, 0xc2, 0xa3, 0x2e, 0x0b, 0x8d, 0x2a, 0xe6, - 0x6b, 0x73, 0x38, 0x17, 0x49, 0xda, 0x32, 0xab, 0xfb, 0x21, 0xba, 0x0d, 0x2b, 0x03, 0x16, 0xb0, - 0x41, 0x34, 0x70, 0x05, 0x0b, 0x7a, 0xae, 0x64, 0x2f, 0xe2, 0x7e, 0x92, 0xc6, 0xcb, 0xd6, 0x80, - 0x59, 0xd0, 0x6b, 0xb1, 0x17, 0xb4, 0xd4, 0x03, 0x98, 0xec, 0x76, 0xa1, 0xa2, 0x11, 0xa4, 0x43, - 0xa2, 0xfa, 0x56, 0x17, 0x66, 0x8c, 0x36, 0x21, 0xa5, 0xd4, 0xe8, 0x43, 0xbf, 0xe1, 0xc4, 0xfd, - 0xdf, 0x19, 0xf5, 0x7f, 0x67, 0xd7, 0xf6, 0xff, 0x6a, 0xfa, 0xdb, 0x5f, 0x6f, 0x26, 0xb0, 0xc6, - 0x56, 0x01, 0xe6, 0x75, 0x36, 0xdd, 0x13, 0x7a, 0x56, 0xae, 0xc1, 0xfc, 0x28, 0xf5, 0x68, 0x19, - 0x72, 0xb8, 0x71, 0x74, 0xb8, 0xeb, 0xe2, 0x46, 0x75, 0xff, 0xb0, 0x30, 0x87, 0xf2, 0x00, 0xf5, - 0xbd, 0xed, 0x56, 0xdb, 0xdd, 0x69, 0x1c, 0x1e, 0x16, 0x12, 0x08, 0x20, 0x8b, 0xb7, 0x0f, 0x77, - 0x1b, 0x07, 0x85, 0xa4, 0x06, 0x37, 0xb7, 0x5b, 0xad, 0x76, 0x0d, 0x37, 0x8e, 0x9e, 0xd4, 0x0a, - 0xa9, 0x6a, 0x0e, 0x16, 0xfc, 0x8e, 0xfd, 0x44, 0xca, 0x2f, 0xb3, 0x70, 0xfd, 0xe2, 0xca, 0x82, - 0x1a, 0x90, 0x52, 0x5e, 0x68, 0xeb, 0xe6, 0xa3, 0x2b, 0x57, 0x26, 0xa7, 0xbd, 0xd3, 0x9c, 0x2a, - 0x03, 0x5e, 0x88, 0x30, 0xa4, 0x75, 0x5e, 0x6c, 0xca, 0x3f, 0xbf, 0xba, 0x47, 0x1d, 0xf5, 0xb1, - 0x4b, 0xe3, 0xab, 0xf4, 0x67, 0x12, 0x72, 0x53, 0x1b, 0xa1, 0x5b, 0xb0, 0x3c, 0x20, 0xa7, 0xee, - 0xa4, 0x28, 0x4a, 0x73, 0x81, 0x0c, 0xce, 0x0f, 0xc8, 0xe9, 0xc4, 0xad, 0x44, 0xd5, 0x71, 0x0d, - 0x76, 0x15, 0x1b, 0x50, 0x1e, 0x29, 0x7b, 0xae, 0xb7, 0xa7, 0x66, 0x5c, 0x6b, 0xdb, 0x31, 0x01, - 0x71, 0x58, 0x52, 0x5e, 0xe8, 0x9e, 0x50, 0x1a, 0x12, 0x9f, 0x0d, 0xa9, 0x4d, 0xee, 0x17, 0xef, - 0x15, 0x2b, 0xa7, 0xed, 0x85, 0x4f, 0x47, 0x1e, 0xf1, 0xa2, 0x9a, 0x9a, 0x95, 0xbe, 0x49, 0xc0, - 0xe2, 0xb4, 0x19, 0x5d, 0x87, 0x6c, 0x28, 0x78, 0x87, 0xc6, 0xb7, 0x5c, 0xc2, 0x76, 0x86, 0xee, - 0x42, 0x5a, 0xdf, 0xea, 0xf2, 0x2b, 0x19, 0x18, 0xfa, 0x14, 0xe6, 0x59, 0xa0, 0xa8, 0x18, 0x92, - 0xcb, 0x05, 0x8a, 0xc7, 0xd0, 0xd2, 0xcf, 0x09, 0x58, 0x9c, 0xce, 0x09, 0x7a, 0x08, 0x25, 0x9d, - 0x95, 0x4d, 0x57, 0xe7, 0x40, 0x3f, 0x3c, 0xf5, 0xa7, 0x24, 0xe8, 0x57, 0x11, 0x95, 0x6a, 0x94, - 0x88, 0x7f, 0x1b, 0xc4, 0x01, 0x39, 0x6d, 0xc6, 0x76, 0x6c, 0xcd, 0xe8, 0x0e, 0x20, 0x6d, 0xda, - 0x32, 0xe4, 0x31, 0x29, 0x69, 0x48, 0xa6, 0xbc, 0x6c, 0x1d, 0x90, 0xd3, 0x31, 0xfa, 0x11, 0xfc, - 0x67, 0x1a, 0xe7, 0x86, 0x54, 0x4c, 0x65, 0xdd, 0xdc, 0x22, 0x83, 0x8b, 0x83, 0x09, 0xa3, 0x49, - 0xc5, 0x24, 0xf8, 0xe8, 0x26, 0xe4, 0x62, 0xba, 0x12, 0x8c, 0xc6, 0x2f, 0x9b, 0x0c, 0x06, 0x03, - 0x37, 0x2b, 0xe5, 0xef, 0x92, 0x50, 0x78, 0xbd, 0x29, 0xa2, 0xbb, 0x80, 0x74, 0x39, 0xa4, 0x5e, - 0xa4, 0xd8, 0x90, 0xba, 0x54, 0x08, 0x2e, 0x46, 0xf7, 0x5a, 0x99, 0xb2, 0xec, 0x19, 0xc3, 0xb9, - 0xb0, 0x26, 0xdf, 0x39, 0xac, 0xe8, 0x09, 0xa0, 0x0e, 0x91, 0xd4, 0xa5, 0xcf, 0xed, 0x0b, 0xc1, - 0xa4, 0xf2, 0xd2, 0xbc, 0x14, 0x34, 0x69, 0xcf, 0x72, 0xb4, 0x44, 0xd1, 0x27, 0xb0, 0xaa, 0x2f, - 0x39, 0xf6, 0x13, 0x52, 0xe1, 0xd1, 0x40, 0xd9, 0xdb, 0xa2, 0x01, 0x39, 0x1d, 0xc1, 0x9b, 0xb1, - 0x45, 0xe7, 0x60, 0xc0, 0x02, 0x5d, 0xc7, 0x7d, 0xd5, 0x1f, 0xe3, 0x33, 0x71, 0x0e, 0x06, 0x2c, - 0xa8, 0x19, 0x83, 0x45, 0x97, 0x7f, 0xd4, 0x1f, 0xdf, 0xa4, 0xd9, 0xa3, 0x2a, 0xa4, 0x07, 0xbc, - 0x3b, 0x6a, 0x6d, 0xce, 0xbb, 0x3d, 0x11, 0xf4, 0x58, 0xb3, 0xb0, 0xe1, 0x9a, 0x10, 0xfb, 0x4c, - 0x37, 0x32, 0x8f, 0x0a, 0xc5, 0x8e, 0x99, 0x47, 0xd4, 0xa8, 0xc1, 0xae, 0xc4, 0x96, 0x9d, 0x89, - 0x41, 0xe7, 0x31, 0x14, 0x6c, 0x48, 0x14, 0xd5, 0x55, 0xd2, 0x04, 0x69, 0x01, 0x83, 0x5d, 0x7a, - 0x4a, 0xcf, 0x74, 0x41, 0xf0, 0xc8, 0xb4, 0xaf, 0x38, 0xd9, 0x0b, 0x38, 0xef, 0x91, 0x29, 0x47, - 0x52, 0x77, 0x00, 0x19, 0x75, 0x74, 0x3c, 0x5c, 0xe2, 0x2b, 0xd3, 0xc3, 0xe2, 0x77, 0xea, 0x02, - 0x5e, 0xb6, 0x86, 0x6d, 0x5f, 0xe9, 0x16, 0x26, 0xf5, 0x53, 0x40, 0x06, 0xac, 0x98, 0x8d, 0x9f, - 0x02, 0x32, 0x60, 0xe5, 0xc7, 0x70, 0xcd, 0xde, 0x03, 0xe5, 0xe0, 0xda, 0xee, 0x7e, 0x6b, 0xbb, - 0x5a, 0xdf, 0x2b, 0xcc, 0xe9, 0x4a, 0xdc, 0xda, 0x3f, 0x68, 0xd6, 0xf7, 0xe2, 0xaa, 0x7c, 0x70, - 0xd4, 0x3e, 0xda, 0xae, 0x17, 0x92, 0xa8, 0x00, 0x8b, 0xfb, 0xad, 0xf6, 0x7e, 0xc3, 0xb5, 0x2b, - 0xa9, 0xaa, 0xf3, 0xc3, 0xab, 0xb5, 0xc4, 0x4f, 0xaf, 0xd6, 0x12, 0xbf, 0xbd, 0x5a, 0x4b, 0x3c, - 0x5b, 0x8f, 0x63, 0xc7, 0x78, 0x85, 0x84, 0xac, 0x72, 0xc1, 0x1f, 0x5e, 0x27, 0x6b, 0x14, 0x70, - 0xef, 0xef, 0x00, 0x00, 0x00, 0xff, 0xff, 0x37, 0xf8, 0x6b, 0x20, 0x91, 0x0e, 0x00, 0x00, + 0x09, 0xc3, 0x8f, 0xa9, 0xa5, 0xff, 0x5f, 0xb4, 0xcd, 0x90, 0x09, 0x15, 0x11, 0xdf, 0x95, 0x54, + 0x0c, 0x99, 0x67, 0x77, 0x29, 0xdd, 0xba, 0x08, 0x2a, 0x59, 0x97, 0x7a, 0x44, 0x58, 0xc8, 0x6a, + 0x8f, 0xf7, 0xb8, 0x19, 0x56, 0xf4, 0x28, 0x5e, 0x2d, 0xff, 0x95, 0x80, 0xe5, 0xdd, 0xc9, 0xc9, + 0x71, 0xe4, 0x53, 0x84, 0x20, 0xdd, 0xe7, 0x52, 0x15, 0x13, 0xeb, 0x89, 0x8d, 0x05, 0x6c, 0xc6, + 0xa8, 0x01, 0x79, 0x25, 0xc8, 0xf1, 0x31, 0xf3, 0xdc, 0x90, 0xfb, 0xcc, 0x3b, 0x2b, 0x26, 0xd7, + 0x13, 0x1b, 0xb9, 0xad, 0x0d, 0xe7, 0xad, 0xf7, 0x73, 0xda, 0x31, 0xa1, 0x69, 0xf0, 0x78, 0x49, + 0x4d, 0x4f, 0xd1, 0x43, 0xb8, 0x26, 0xa3, 0x8e, 0xa4, 0x4a, 0x16, 0x53, 0xeb, 0xa9, 0x8d, 0xdc, + 0xd6, 0xad, 0x19, 0x9e, 0x5a, 0x06, 0x89, 0x47, 0x0c, 0xb4, 0x0f, 0x8b, 0x1e, 0x0f, 0x8e, 0x59, + 0xcf, 0x95, 0x1e, 0x0f, 0x69, 0x31, 0xbd, 0x9e, 0xd8, 0xc8, 0x6f, 0xfd, 0x6f, 0x86, 0x87, 0x1d, + 0x03, 0x6f, 0x69, 0x34, 0xce, 0x79, 0x93, 0x49, 0xf9, 0x97, 0x2c, 0x2c, 0x9d, 0x3b, 0x28, 0x6a, + 0xc3, 0x92, 0xcf, 0x49, 0xd7, 0xed, 0x10, 0x9f, 0x04, 0x1e, 0x15, 0x26, 0x0e, 0xb9, 0xad, 0xca, + 0x0c, 0xef, 0x75, 0x4e, 0xba, 0x55, 0x0b, 0x6f, 0x51, 0xa5, 0x58, 0xd0, 0x93, 0x78, 0xd1, 0x9f, + 0x5a, 0x45, 0xcf, 0x60, 0xd9, 0xe3, 0x41, 0x40, 0x3d, 0x23, 0x90, 0x90, 0x73, 0xdf, 0x46, 0x70, + 0x73, 0xf6, 0xa9, 0x2d, 0xa3, 0xc9, 0xb9, 0x3f, 0xf6, 0x9c, 0xf7, 0xce, 0xad, 0xa3, 0x2f, 0x61, + 0x85, 0x47, 0xca, 0x67, 0x54, 0xb8, 0x5d, 0xaa, 0x62, 0x43, 0x31, 0x65, 0xbc, 0x7f, 0x34, 0xc3, + 0x7b, 0x23, 0xe6, 0xec, 0x8e, 0x28, 0xb8, 0xc0, 0x5f, 0x5b, 0x41, 0xf7, 0x21, 0xa5, 0x7c, 0x69, + 0xe2, 0x9b, 0x9b, 0x19, 0xdf, 0x76, 0xbd, 0x35, 0x3e, 0x9e, 0xa6, 0xa0, 0xe7, 0xf0, 0xaf, 0x90, + 0x0b, 0xe5, 0xfa, 0x74, 0x48, 0xb5, 0x5a, 0x63, 0x5b, 0x31, 0x63, 0x72, 0xfd, 0xe0, 0x5d, 0x55, + 0xe3, 0x34, 0xb9, 0x50, 0xe7, 0x75, 0xb4, 0xa2, 0xdd, 0xd6, 0xb5, 0xd7, 0xd1, 0x86, 0xa5, 0x97, + 0x29, 0x58, 0x79, 0x03, 0x88, 0x1e, 0x42, 0x5a, 0x43, 0x6d, 0xfa, 0x6e, 0xcf, 0xd8, 0x52, 0x73, + 0x5b, 0xd4, 0xa7, 0x9e, 0xe2, 0x02, 0x1b, 0xd2, 0x9b, 0x22, 0x48, 0x7e, 0x20, 0x11, 0xa4, 0x3e, + 0xa8, 0x08, 0xd2, 0xff, 0xa0, 0x08, 0x32, 0x57, 0x16, 0x41, 0xf9, 0xf7, 0x04, 0x64, 0xe3, 0x6f, + 0x57, 0x17, 0x95, 0x80, 0x0c, 0xe8, 0xa8, 0xa8, 0xe8, 0x31, 0xda, 0x83, 0xac, 0x4f, 0x3a, 0xd4, + 0x97, 0xc5, 0xa4, 0x91, 0xc5, 0xdd, 0x4b, 0x4b, 0x80, 0x53, 0x37, 0xf8, 0xbd, 0x40, 0x89, 0x33, + 0x6c, 0xc9, 0x17, 0xd4, 0xa6, 0xd4, 0x7b, 0xd5, 0xa6, 0xd2, 0x67, 0x90, 0x9b, 0xda, 0x07, 0x15, + 0x20, 0x75, 0x42, 0xcf, 0xec, 0xc9, 0xf5, 0x10, 0xad, 0x42, 0x66, 0x48, 0xfc, 0x88, 0x1a, 0x55, + 0x2c, 0xe0, 0x78, 0xf2, 0x20, 0x79, 0x3f, 0x51, 0xfe, 0x3e, 0x03, 0xab, 0x17, 0x09, 0x01, 0x61, + 0xc8, 0x4a, 0x36, 0x08, 0xfd, 0x38, 0x02, 0xf9, 0xad, 0xfb, 0x57, 0x54, 0x92, 0xd3, 0x32, 0xec, + 0x7a, 0xb5, 0x36, 0x87, 0xad, 0x27, 0x74, 0x62, 0xe4, 0x24, 0x99, 0x54, 0x34, 0x50, 0x6e, 0x9f, + 0xc8, 0xbe, 0x95, 0xe9, 0xe3, 0xab, 0x3a, 0xdf, 0x19, 0xbb, 0xa9, 0x11, 0xd9, 0x37, 0x9b, 0xe4, + 0xbd, 0x73, 0x6b, 0xa5, 0x3f, 0x92, 0x50, 0x78, 0x1d, 0x86, 0xee, 0x40, 0xa1, 0xaf, 0x54, 0xe8, + 0xf6, 0x29, 0xe9, 0x52, 0xe1, 0x4e, 0x32, 0xac, 0x1d, 0x68, 0x4b, 0xcd, 0x18, 0x0e, 0x75, 0xb6, + 0x03, 0xc8, 0x19, 0xac, 0xc7, 0xf9, 0x09, 0xa3, 0xf6, 0xa4, 0x4f, 0xdf, 0xf7, 0xa4, 0x4e, 0xad, + 0xdd, 0x6e, 0xee, 0x18, 0x97, 0xb5, 0x39, 0x0c, 0x7a, 0x87, 0x78, 0x86, 0xfe, 0x0b, 0x4b, 0x91, + 0xa4, 0xae, 0xe4, 0x91, 0xf0, 0xa8, 0xcb, 0x42, 0xa3, 0x8a, 0xf9, 0xda, 0x1c, 0xce, 0x45, 0x92, + 0xb6, 0xcc, 0xea, 0x7e, 0x88, 0xee, 0xc0, 0xca, 0x80, 0x05, 0x6c, 0x10, 0x0d, 0x5c, 0xc1, 0x82, + 0x9e, 0x2b, 0xd9, 0x8b, 0xb8, 0x9f, 0xa4, 0xf1, 0xb2, 0x35, 0x60, 0x16, 0xf4, 0x5a, 0xec, 0x05, + 0x2d, 0xf5, 0x00, 0x26, 0xbb, 0x5d, 0xa8, 0x68, 0x04, 0xe9, 0x90, 0xa8, 0xbe, 0xd5, 0x85, 0x19, + 0xa3, 0x4d, 0x48, 0x29, 0x35, 0xfa, 0xd0, 0x6f, 0x38, 0x71, 0xd3, 0x77, 0x46, 0x4d, 0xdf, 0xd9, + 0xb5, 0x4d, 0xbf, 0x9a, 0xfe, 0xf6, 0xd7, 0x9b, 0x09, 0xac, 0xb1, 0x55, 0x80, 0x79, 0x9d, 0x4d, + 0xf7, 0x84, 0x9e, 0x95, 0x6b, 0x30, 0x3f, 0x4a, 0x3d, 0x5a, 0x86, 0x1c, 0x6e, 0x1c, 0x1d, 0xee, + 0xba, 0xb8, 0x51, 0xdd, 0x3f, 0x2c, 0xcc, 0xa1, 0x3c, 0x40, 0x7d, 0x6f, 0xbb, 0xd5, 0x76, 0x77, + 0x1a, 0x87, 0x87, 0x85, 0x04, 0x02, 0xc8, 0xe2, 0xed, 0xc3, 0xdd, 0xc6, 0x41, 0x21, 0xa9, 0xc1, + 0xcd, 0xed, 0x56, 0xab, 0x5d, 0xc3, 0x8d, 0xa3, 0x27, 0xb5, 0x42, 0xaa, 0x9a, 0x83, 0x05, 0xbf, + 0x63, 0x3f, 0x91, 0xf2, 0xcb, 0x2c, 0x5c, 0xbf, 0xb8, 0xb2, 0xa0, 0x06, 0xa4, 0x94, 0x17, 0xda, + 0xba, 0xf9, 0xe8, 0xca, 0x95, 0xc9, 0x69, 0xef, 0x34, 0xa7, 0xca, 0x80, 0x17, 0x22, 0x0c, 0x69, + 0x9d, 0x17, 0x9b, 0xf2, 0xcf, 0xaf, 0xee, 0x51, 0x47, 0x7d, 0xec, 0xd2, 0xf8, 0x2a, 0xfd, 0x99, + 0x84, 0xdc, 0xd4, 0x46, 0xe8, 0x36, 0x2c, 0x0f, 0xc8, 0xa9, 0x3b, 0x29, 0x8a, 0xd2, 0x5c, 0x20, + 0x83, 0xf3, 0x03, 0x72, 0x3a, 0x71, 0x2b, 0x51, 0x75, 0x5c, 0x83, 0x5d, 0xc5, 0x06, 0x94, 0x47, + 0xca, 0x9e, 0xeb, 0xed, 0xa9, 0x19, 0xd7, 0xda, 0x76, 0x4c, 0x40, 0x1c, 0x96, 0x94, 0x17, 0xba, + 0x27, 0x94, 0x86, 0xc4, 0x67, 0x43, 0x6a, 0x93, 0xfb, 0xc5, 0x7b, 0xc5, 0xca, 0x69, 0x7b, 0xe1, + 0xd3, 0x91, 0x47, 0xbc, 0xa8, 0xa6, 0x66, 0xa5, 0x6f, 0x12, 0xb0, 0x38, 0x6d, 0x46, 0xd7, 0x21, + 0x1b, 0x0a, 0xde, 0xa1, 0xf1, 0x2d, 0x97, 0xb0, 0x9d, 0xa1, 0xbb, 0x90, 0xd6, 0xb7, 0xba, 0xfc, + 0x4a, 0x06, 0x86, 0x3e, 0x85, 0x79, 0x16, 0x28, 0x2a, 0x86, 0xe4, 0x72, 0x81, 0xe2, 0x31, 0xb4, + 0xf4, 0x73, 0x02, 0x16, 0xa7, 0x73, 0x82, 0x1e, 0x42, 0x49, 0x67, 0x65, 0xd3, 0xd5, 0x39, 0x08, + 0x69, 0xd0, 0xd5, 0x9f, 0x92, 0xa0, 0x5f, 0x45, 0x54, 0xaa, 0x51, 0x22, 0xfe, 0x6d, 0x10, 0x07, + 0xe4, 0xb4, 0x19, 0xdb, 0xb1, 0x35, 0xa3, 0x8f, 0x01, 0x69, 0xd3, 0x96, 0x21, 0x8f, 0x49, 0x49, + 0x43, 0x32, 0xe5, 0x65, 0xeb, 0x80, 0x9c, 0x8e, 0xd1, 0x8f, 0xe0, 0x3f, 0xd3, 0x38, 0x37, 0xa4, + 0x62, 0x2a, 0xeb, 0xe6, 0x16, 0x19, 0x5c, 0x1c, 0x4c, 0x18, 0x4d, 0x2a, 0x26, 0xc1, 0x47, 0x37, + 0x21, 0x17, 0xd3, 0x95, 0x60, 0x34, 0x7e, 0xd9, 0x64, 0x30, 0x18, 0xb8, 0x59, 0x29, 0x7f, 0x97, + 0x84, 0xc2, 0xeb, 0x4d, 0x11, 0xdd, 0x05, 0xa4, 0xcb, 0x21, 0xf5, 0x22, 0xc5, 0x86, 0xd4, 0xa5, + 0x42, 0x70, 0x31, 0xba, 0xd7, 0xca, 0x94, 0x65, 0xcf, 0x18, 0xce, 0x85, 0x35, 0xf9, 0xce, 0x61, + 0x45, 0x4f, 0x00, 0x75, 0x88, 0xa4, 0x2e, 0x7d, 0x6e, 0x5f, 0x08, 0x26, 0x95, 0x97, 0xe6, 0xa5, + 0xa0, 0x49, 0x7b, 0x96, 0xa3, 0x25, 0x8a, 0x3e, 0x81, 0x55, 0x7d, 0xc9, 0xb1, 0x9f, 0x90, 0x0a, + 0x8f, 0x06, 0xca, 0xde, 0x16, 0x0d, 0xc8, 0xe9, 0x08, 0xde, 0x8c, 0x2d, 0x3a, 0x07, 0x03, 0x16, + 0xe8, 0x3a, 0xee, 0xab, 0xfe, 0x18, 0x9f, 0x89, 0x73, 0x30, 0x60, 0x41, 0xcd, 0x18, 0x2c, 0xba, + 0xfc, 0xa3, 0xfe, 0xf8, 0x26, 0xcd, 0x1e, 0x55, 0x21, 0x3d, 0xe0, 0xdd, 0x51, 0x6b, 0x73, 0xde, + 0xed, 0x89, 0xa0, 0xc7, 0x9a, 0x85, 0x0d, 0xd7, 0x84, 0xd8, 0x67, 0xba, 0x91, 0x79, 0x54, 0x28, + 0x76, 0xcc, 0x3c, 0xa2, 0x46, 0x0d, 0x76, 0x25, 0xb6, 0xec, 0x4c, 0x0c, 0x3a, 0x8f, 0xa1, 0x60, + 0x43, 0xa2, 0xa8, 0xae, 0x92, 0x26, 0x48, 0x0b, 0x18, 0xec, 0xd2, 0x53, 0x7a, 0xa6, 0x0b, 0x82, + 0x47, 0xa6, 0x7d, 0xc5, 0xc9, 0x5e, 0xc0, 0x79, 0x8f, 0x4c, 0x39, 0x92, 0xba, 0x03, 0xc8, 0xa8, + 0xa3, 0xe3, 0xe1, 0x12, 0x5f, 0x99, 0x1e, 0x16, 0xbf, 0x53, 0x17, 0xf0, 0xb2, 0x35, 0x6c, 0xfb, + 0x4a, 0xb7, 0x30, 0xa9, 0x9f, 0x02, 0x32, 0x60, 0xc5, 0x6c, 0xfc, 0x14, 0x90, 0x01, 0x2b, 0x3f, + 0x86, 0x6b, 0xf6, 0x1e, 0x28, 0x07, 0xd7, 0x76, 0xf7, 0x5b, 0xdb, 0xd5, 0xfa, 0x5e, 0x61, 0x4e, + 0x57, 0xe2, 0xd6, 0xfe, 0x41, 0xb3, 0xbe, 0x17, 0x57, 0xe5, 0x83, 0xa3, 0xf6, 0xd1, 0x76, 0xbd, + 0x90, 0x44, 0x05, 0x58, 0xdc, 0x6f, 0xb5, 0xf7, 0x1b, 0xae, 0x5d, 0x49, 0x55, 0x9d, 0x1f, 0x5e, + 0xad, 0x25, 0x7e, 0x7a, 0xb5, 0x96, 0xf8, 0xed, 0xd5, 0x5a, 0xe2, 0xd9, 0x7a, 0x1c, 0x3b, 0xc6, + 0x2b, 0x24, 0x64, 0x95, 0x0b, 0x7e, 0xeb, 0x3a, 0x59, 0xa3, 0x80, 0x7b, 0x7f, 0x07, 0x00, 0x00, + 0xff, 0xff, 0x4e, 0xda, 0x16, 0xb0, 0x86, 0x0e, 0x00, 0x00, } diff --git a/networking/v1alpha3/destination_rule.proto b/networking/v1alpha3/destination_rule.proto index e48b93c055..2bac0eb684 100644 --- a/networking/v1alpha3/destination_rule.proto +++ b/networking/v1alpha3/destination_rule.proto @@ -15,7 +15,7 @@ syntax = "proto3"; import "google/protobuf/duration.proto"; import "networking/v1alpha3/virtual_service.proto"; -import "networking/v1alpha3/service_dependency.proto"; +import "networking/v1alpha3/sidecar.proto"; import "gogoproto/gogo.proto"; package istio.networking.v1alpha3; diff --git a/networking/v1alpha3/service_entry.pb.go b/networking/v1alpha3/service_entry.pb.go index ba15812abd..2642cde348 100644 --- a/networking/v1alpha3/service_entry.pb.go +++ b/networking/v1alpha3/service_entry.pb.go @@ -1538,38 +1538,38 @@ var ( func init() { proto.RegisterFile("networking/v1alpha3/service_entry.proto", fileDescriptorServiceEntry) } var fileDescriptorServiceEntry = []byte{ - // 524 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x53, 0xdd, 0x6e, 0xd3, 0x30, - 0x14, 0x9e, 0x9b, 0x2d, 0x6d, 0x4e, 0x37, 0x54, 0x2c, 0x84, 0x42, 0x84, 0x4a, 0xe8, 0x05, 0x54, - 0x02, 0xa5, 0xa3, 0x13, 0xd2, 0xf8, 0xb9, 0x19, 0x23, 0x12, 0x95, 0x4a, 0x00, 0xb7, 0x17, 0x88, - 0x9b, 0x2a, 0x4b, 0x4d, 0x6b, 0x2d, 0x8a, 0xa3, 0xd8, 0x6b, 0xd5, 0xb7, 0xe0, 0x31, 0x78, 0x14, - 0x2e, 0x79, 0x04, 0xd4, 0x27, 0x41, 0x71, 0x9c, 0xa6, 0x17, 0xa3, 0x6c, 0x77, 0xf9, 0x4e, 0xce, - 0xf7, 0xf9, 0x3b, 0xfe, 0x8e, 0xe1, 0x69, 0x42, 0xe5, 0x92, 0x67, 0x97, 0x2c, 0x99, 0xf5, 0x16, - 0x2f, 0xc2, 0x38, 0x9d, 0x87, 0x27, 0x3d, 0x41, 0xb3, 0x05, 0x8b, 0xe8, 0x84, 0x26, 0x32, 0x5b, - 0x79, 0x69, 0xc6, 0x25, 0xc7, 0x0f, 0x98, 0x90, 0x8c, 0x7b, 0x55, 0xbb, 0x57, 0xb6, 0x3b, 0x8f, - 0xaf, 0xd3, 0x98, 0x85, 0x92, 0x2e, 0x43, 0xcd, 0x76, 0x9e, 0xef, 0x3a, 0x66, 0x4a, 0x53, 0x9a, - 0x4c, 0x69, 0x12, 0xe9, 0xee, 0xce, 0xcf, 0x3a, 0x1c, 0x8e, 0x8a, 0x9f, 0x7e, 0x6e, 0x01, 0xdf, - 0x83, 0x83, 0x39, 0x17, 0x52, 0xd8, 0xc8, 0x35, 0xba, 0x16, 0x29, 0x00, 0x7e, 0x08, 0x56, 0x38, - 0x9d, 0x66, 0x54, 0x08, 0x2a, 0xec, 0x9a, 0xfa, 0x53, 0x15, 0xf0, 0x4b, 0x38, 0x48, 0x79, 0x26, - 0x85, 0x6d, 0xb8, 0x46, 0xb7, 0xd9, 0x7f, 0xe4, 0xfd, 0x73, 0x00, 0xef, 0x33, 0xcf, 0x24, 0x29, - 0xba, 0xf1, 0x10, 0x1a, 0x31, 0x8f, 0x42, 0xc9, 0x78, 0x62, 0xef, 0xbb, 0xa8, 0x7b, 0xa7, 0x7f, - 0xbc, 0x83, 0xb9, 0xed, 0xd2, 0x1b, 0x6a, 0x1e, 0xd9, 0x28, 0x60, 0x02, 0x90, 0x51, 0xc1, 0xe3, - 0x2b, 0xa5, 0x77, 0xa0, 0xf4, 0xfa, 0x37, 0xd5, 0x23, 0x1b, 0x26, 0xd9, 0x52, 0xc1, 0x01, 0x58, - 0x34, 0x99, 0xa6, 0x9c, 0x25, 0x52, 0xd8, 0xa6, 0x1a, 0xee, 0xc6, 0x16, 0x7d, 0x4d, 0x24, 0x95, - 0x04, 0x1e, 0xc0, 0x61, 0xc4, 0x93, 0xef, 0x6c, 0x36, 0x11, 0x11, 0x4f, 0xa9, 0x5d, 0x57, 0x2e, - 0x9f, 0xec, 0x90, 0x3c, 0x57, 0xed, 0xa3, 0xbc, 0x9b, 0x34, 0xa3, 0x0a, 0x38, 0x3f, 0x0c, 0x68, - 0x94, 0x47, 0x60, 0x1b, 0xea, 0x3a, 0x0d, 0x1b, 0xb9, 0xa8, 0x6b, 0x91, 0x12, 0xe2, 0x2f, 0x65, - 0x34, 0x35, 0xe5, 0xfe, 0xcd, 0x6d, 0xdd, 0xab, 0xc0, 0x84, 0xaa, 0x95, 0xb1, 0x8d, 0xc1, 0x8c, - 0xc3, 0x0b, 0x1a, 0x97, 0x71, 0xbf, 0xbd, 0xb5, 0xe6, 0x50, 0xd1, 0x0b, 0x51, 0xad, 0x95, 0x8f, - 0xa0, 0x05, 0xd4, 0x2e, 0x58, 0xa4, 0x84, 0xd8, 0x29, 0xd6, 0x24, 0x66, 0x72, 0xa5, 0x62, 0xb5, - 0xc8, 0x06, 0xe3, 0xfb, 0x60, 0x2e, 0x29, 0x9b, 0xcd, 0xa5, 0x6d, 0xba, 0xa8, 0x7b, 0x44, 0x34, - 0x72, 0x4e, 0x01, 0x2a, 0xe3, 0xb8, 0x05, 0xc6, 0x25, 0x5d, 0xe9, 0xab, 0xc9, 0x3f, 0xf3, 0x2d, - 0x5f, 0x84, 0xf1, 0x15, 0xb5, 0x6b, 0x8a, 0x56, 0x80, 0xd7, 0xb5, 0x53, 0xe4, 0xbc, 0x82, 0xe6, - 0x96, 0xbd, 0xff, 0x51, 0xad, 0x2d, 0x6a, 0xe7, 0x18, 0x1a, 0xe5, 0x5e, 0xe2, 0xbb, 0x70, 0xf4, - 0xd1, 0x1f, 0x7d, 0x98, 0xf8, 0x5f, 0xc7, 0x3e, 0x09, 0xce, 0x86, 0xad, 0xbd, 0x4d, 0x69, 0x10, - 0xe8, 0x12, 0xea, 0x3c, 0x03, 0xa8, 0x36, 0x0f, 0x37, 0x60, 0x3f, 0xf8, 0x14, 0xf8, 0xad, 0x3d, - 0x0c, 0x60, 0x8e, 0xc6, 0x67, 0xe3, 0xc1, 0x79, 0x0b, 0xe1, 0x3a, 0x18, 0xef, 0x83, 0x51, 0xab, - 0xf6, 0xce, 0xfb, 0xb5, 0x6e, 0xa3, 0xdf, 0xeb, 0x36, 0xfa, 0xb3, 0x6e, 0xa3, 0x6f, 0x6e, 0x71, - 0xe9, 0x8c, 0xf7, 0xc2, 0x94, 0xf5, 0xae, 0x79, 0xf3, 0x17, 0xa6, 0x7a, 0xe1, 0x27, 0x7f, 0x03, - 0x00, 0x00, 0xff, 0xff, 0xe4, 0x0f, 0x29, 0x22, 0x78, 0x04, 0x00, 0x00, + // 521 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x53, 0xcd, 0x6e, 0xd3, 0x4c, + 0x14, 0xed, 0xc4, 0x8d, 0x13, 0xdf, 0xb4, 0x9f, 0xf2, 0x8d, 0x10, 0x1a, 0x22, 0x14, 0x4c, 0x16, + 0x10, 0x09, 0xc9, 0x29, 0xa9, 0x90, 0xca, 0xcf, 0xa6, 0x14, 0x4b, 0x44, 0x0a, 0x06, 0x26, 0x59, + 0x20, 0x36, 0xd1, 0xd4, 0x19, 0x92, 0x51, 0x2d, 0x8f, 0xe5, 0x99, 0x26, 0xca, 0x5b, 0xf0, 0x18, + 0x3c, 0x0a, 0x4b, 0x1e, 0x01, 0xe5, 0x49, 0x50, 0xc6, 0x76, 0x9c, 0x45, 0x28, 0xed, 0xce, 0xe7, + 0xfa, 0x9c, 0x73, 0xcf, 0xcc, 0xbd, 0x03, 0x4f, 0x63, 0xae, 0x97, 0x32, 0xbd, 0x12, 0xf1, 0xac, + 0xb7, 0x78, 0xce, 0xa2, 0x64, 0xce, 0x4e, 0x7b, 0x8a, 0xa7, 0x0b, 0x11, 0xf2, 0x09, 0x8f, 0x75, + 0xba, 0xf2, 0x92, 0x54, 0x6a, 0x89, 0x1f, 0x08, 0xa5, 0x85, 0xf4, 0x4a, 0xba, 0x57, 0xd0, 0x5b, + 0x8f, 0xf7, 0x79, 0xcc, 0x98, 0xe6, 0x4b, 0x96, 0xab, 0xf7, 0x53, 0x94, 0x98, 0xf2, 0x90, 0xa5, + 0x19, 0xa5, 0xf3, 0xa3, 0x06, 0x47, 0xa3, 0xac, 0xb1, 0xbf, 0xe9, 0x8b, 0xef, 0x41, 0x75, 0x2e, + 0x95, 0x56, 0x04, 0xb9, 0x56, 0xd7, 0xa1, 0x19, 0xc0, 0x0f, 0xc1, 0x61, 0xd3, 0x69, 0xca, 0x95, + 0xe2, 0x8a, 0x54, 0xcc, 0x9f, 0xb2, 0x80, 0x5f, 0x40, 0x35, 0x91, 0xa9, 0x56, 0xc4, 0x72, 0xad, + 0x6e, 0xa3, 0xff, 0xc8, 0xfb, 0x6b, 0x6a, 0xef, 0x93, 0x4c, 0x35, 0xcd, 0xd8, 0x78, 0x08, 0xf5, + 0x48, 0x86, 0x4c, 0x0b, 0x19, 0x93, 0x43, 0x17, 0x75, 0xff, 0xeb, 0x9f, 0xdc, 0xa0, 0xdc, 0x4d, + 0xe9, 0x0d, 0x73, 0x1d, 0xdd, 0x3a, 0x60, 0x0a, 0x90, 0x72, 0x25, 0xa3, 0x6b, 0xe3, 0x57, 0x35, + 0x7e, 0xfd, 0xdb, 0xfa, 0xd1, 0xad, 0x92, 0xee, 0xb8, 0xe0, 0x00, 0x1c, 0x1e, 0x4f, 0x13, 0x29, + 0x62, 0xad, 0x88, 0x6d, 0x0e, 0x77, 0xeb, 0x88, 0x7e, 0x2e, 0xa4, 0xa5, 0x05, 0x1e, 0xc0, 0x51, + 0x28, 0xe3, 0x6f, 0x62, 0x36, 0x51, 0xa1, 0x4c, 0x38, 0xa9, 0x99, 0x94, 0x4f, 0x6e, 0xb0, 0xbc, + 0x30, 0xf4, 0xd1, 0x86, 0x4d, 0x1b, 0x61, 0x09, 0x5a, 0xdf, 0x2d, 0xa8, 0x17, 0x2d, 0x30, 0x81, + 0x5a, 0x3e, 0x0d, 0x82, 0x5c, 0xd4, 0x75, 0x68, 0x01, 0xf1, 0xe7, 0x62, 0x34, 0x15, 0x93, 0xfe, + 0xf5, 0x5d, 0xd3, 0x9b, 0x81, 0x29, 0x53, 0x2b, 0xc6, 0x36, 0x06, 0x3b, 0x62, 0x97, 0x3c, 0x2a, + 0xc6, 0xfd, 0xe6, 0xce, 0x9e, 0x43, 0x23, 0xcf, 0x4c, 0x73, 0xaf, 0xcd, 0x11, 0x72, 0x03, 0xb3, + 0x0b, 0x0e, 0x2d, 0x20, 0x6e, 0x65, 0x6b, 0x12, 0x09, 0xbd, 0x32, 0x63, 0x75, 0xe8, 0x16, 0xe3, + 0xfb, 0x60, 0x2f, 0xb9, 0x98, 0xcd, 0x35, 0xb1, 0x5d, 0xd4, 0x3d, 0xa6, 0x39, 0x6a, 0x9d, 0x01, + 0x94, 0xc1, 0x71, 0x13, 0xac, 0x2b, 0xbe, 0xca, 0xaf, 0x66, 0xf3, 0xb9, 0xd9, 0xf2, 0x05, 0x8b, + 0xae, 0x39, 0xa9, 0x18, 0x59, 0x06, 0x5e, 0x55, 0xce, 0x50, 0xeb, 0x25, 0x34, 0x76, 0xe2, 0xfd, + 0x4b, 0xea, 0xec, 0x48, 0x3b, 0x27, 0x50, 0x2f, 0xf6, 0x12, 0xff, 0x0f, 0xc7, 0x1f, 0xfc, 0xd1, + 0xfb, 0x89, 0xff, 0x65, 0xec, 0xd3, 0xe0, 0x7c, 0xd8, 0x3c, 0xd8, 0x96, 0x06, 0x41, 0x5e, 0x42, + 0x9d, 0x67, 0x00, 0xe5, 0xe6, 0xe1, 0x3a, 0x1c, 0x06, 0x1f, 0x03, 0xbf, 0x79, 0x80, 0x01, 0xec, + 0xd1, 0xf8, 0x7c, 0x3c, 0xb8, 0x68, 0x22, 0x5c, 0x03, 0xeb, 0x5d, 0x30, 0x6a, 0x56, 0xde, 0x7a, + 0x3f, 0xd7, 0x6d, 0xf4, 0x6b, 0xdd, 0x46, 0xbf, 0xd7, 0x6d, 0xf4, 0xd5, 0xcd, 0x2e, 0x5d, 0xc8, + 0x1e, 0x4b, 0x44, 0x6f, 0xcf, 0x43, 0xbf, 0xb4, 0xcd, 0x0b, 0x3f, 0xfd, 0x13, 0x00, 0x00, 0xff, + 0xff, 0x52, 0x1f, 0x71, 0x64, 0x6d, 0x04, 0x00, 0x00, } diff --git a/networking/v1alpha3/service_entry.proto b/networking/v1alpha3/service_entry.proto index c1f233f260..b4f16f8b34 100644 --- a/networking/v1alpha3/service_entry.proto +++ b/networking/v1alpha3/service_entry.proto @@ -15,7 +15,7 @@ syntax = "proto3"; import "networking/v1alpha3/gateway.proto"; -import "networking/v1alpha3/service_dependency.proto"; +import "networking/v1alpha3/sidecar.proto"; package istio.networking.v1alpha3; diff --git a/networking/v1alpha3/service_dependency.pb.go b/networking/v1alpha3/sidecar.pb.go similarity index 79% rename from networking/v1alpha3/service_dependency.pb.go rename to networking/v1alpha3/sidecar.pb.go index ff233c696c..e8c2d80ea4 100644 --- a/networking/v1alpha3/service_dependency.pb.go +++ b/networking/v1alpha3/sidecar.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: networking/v1alpha3/service_dependency.proto +// source: networking/v1alpha3/sidecar.proto package v1alpha3 @@ -41,7 +41,7 @@ var ConfigScope_value = map[string]int32{ func (x ConfigScope) String() string { return proto.EnumName(ConfigScope_name, int32(x)) } -func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorServiceDependency, []int{0} } +func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{0} } // `ServiceDependency` describes the set of services that a workload depends on // for its operation. In other words, it describes the properties of @@ -124,12 +124,10 @@ type ServiceDependency struct { Dependencies []*ServiceDependency_Dependency `protobuf:"bytes,1,rep,name=dependencies" json:"dependencies,omitempty"` } -func (m *ServiceDependency) Reset() { *m = ServiceDependency{} } -func (m *ServiceDependency) String() string { return proto.CompactTextString(m) } -func (*ServiceDependency) ProtoMessage() {} -func (*ServiceDependency) Descriptor() ([]byte, []int) { - return fileDescriptorServiceDependency, []int{0} -} +func (m *ServiceDependency) Reset() { *m = ServiceDependency{} } +func (m *ServiceDependency) String() string { return proto.CompactTextString(m) } +func (*ServiceDependency) ProtoMessage() {} +func (*ServiceDependency) Descriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{0} } func (m *ServiceDependency) GetDependencies() []*ServiceDependency_Dependency { if m != nil { @@ -170,7 +168,7 @@ func (m *ServiceDependency_Import) Reset() { *m = ServiceDependency_Impo func (m *ServiceDependency_Import) String() string { return proto.CompactTextString(m) } func (*ServiceDependency_Import) ProtoMessage() {} func (*ServiceDependency_Import) Descriptor() ([]byte, []int) { - return fileDescriptorServiceDependency, []int{0, 0} + return fileDescriptorSidecar, []int{0, 0} } func (m *ServiceDependency_Import) GetNamespace() string { @@ -215,7 +213,7 @@ func (m *ServiceDependency_Dependency) Reset() { *m = ServiceDependency_ func (m *ServiceDependency_Dependency) String() string { return proto.CompactTextString(m) } func (*ServiceDependency_Dependency) ProtoMessage() {} func (*ServiceDependency_Dependency) Descriptor() ([]byte, []int) { - return fileDescriptorServiceDependency, []int{0, 1} + return fileDescriptorSidecar, []int{0, 1} } func (m *ServiceDependency_Dependency) GetSourceWorkloadLabels() map[string]string { @@ -257,7 +255,7 @@ func (m *ServiceDependency) MarshalTo(dAtA []byte) (int, error) { for _, msg := range m.Dependencies { dAtA[i] = 0xa i++ - i = encodeVarintServiceDependency(dAtA, i, uint64(msg.Size())) + i = encodeVarintSidecar(dAtA, i, uint64(msg.Size())) n, err := msg.MarshalTo(dAtA[i:]) if err != nil { return 0, err @@ -286,13 +284,13 @@ func (m *ServiceDependency_Import) MarshalTo(dAtA []byte) (int, error) { if len(m.Namespace) > 0 { dAtA[i] = 0xa i++ - i = encodeVarintServiceDependency(dAtA, i, uint64(len(m.Namespace))) + i = encodeVarintSidecar(dAtA, i, uint64(len(m.Namespace))) i += copy(dAtA[i:], m.Namespace) } if len(m.Host) > 0 { dAtA[i] = 0x12 i++ - i = encodeVarintServiceDependency(dAtA, i, uint64(len(m.Host))) + i = encodeVarintSidecar(dAtA, i, uint64(len(m.Host))) i += copy(dAtA[i:], m.Host) } return i, nil @@ -318,15 +316,15 @@ func (m *ServiceDependency_Dependency) MarshalTo(dAtA []byte) (int, error) { dAtA[i] = 0xa i++ v := m.SourceWorkloadLabels[k] - mapSize := 1 + len(k) + sovServiceDependency(uint64(len(k))) + 1 + len(v) + sovServiceDependency(uint64(len(v))) - i = encodeVarintServiceDependency(dAtA, i, uint64(mapSize)) + mapSize := 1 + len(k) + sovSidecar(uint64(len(k))) + 1 + len(v) + sovSidecar(uint64(len(v))) + i = encodeVarintSidecar(dAtA, i, uint64(mapSize)) dAtA[i] = 0xa i++ - i = encodeVarintServiceDependency(dAtA, i, uint64(len(k))) + i = encodeVarintSidecar(dAtA, i, uint64(len(k))) i += copy(dAtA[i:], k) dAtA[i] = 0x12 i++ - i = encodeVarintServiceDependency(dAtA, i, uint64(len(v))) + i = encodeVarintSidecar(dAtA, i, uint64(len(v))) i += copy(dAtA[i:], v) } } @@ -334,7 +332,7 @@ func (m *ServiceDependency_Dependency) MarshalTo(dAtA []byte) (int, error) { for _, msg := range m.Imports { dAtA[i] = 0x12 i++ - i = encodeVarintServiceDependency(dAtA, i, uint64(msg.Size())) + i = encodeVarintSidecar(dAtA, i, uint64(msg.Size())) n, err := msg.MarshalTo(dAtA[i:]) if err != nil { return 0, err @@ -345,7 +343,7 @@ func (m *ServiceDependency_Dependency) MarshalTo(dAtA []byte) (int, error) { return i, nil } -func encodeVarintServiceDependency(dAtA []byte, offset int, v uint64) int { +func encodeVarintSidecar(dAtA []byte, offset int, v uint64) int { for v >= 1<<7 { dAtA[offset] = uint8(v&0x7f | 0x80) v >>= 7 @@ -360,7 +358,7 @@ func (m *ServiceDependency) Size() (n int) { if len(m.Dependencies) > 0 { for _, e := range m.Dependencies { l = e.Size() - n += 1 + l + sovServiceDependency(uint64(l)) + n += 1 + l + sovSidecar(uint64(l)) } } return n @@ -371,11 +369,11 @@ func (m *ServiceDependency_Import) Size() (n int) { _ = l l = len(m.Namespace) if l > 0 { - n += 1 + l + sovServiceDependency(uint64(l)) + n += 1 + l + sovSidecar(uint64(l)) } l = len(m.Host) if l > 0 { - n += 1 + l + sovServiceDependency(uint64(l)) + n += 1 + l + sovSidecar(uint64(l)) } return n } @@ -387,20 +385,20 @@ func (m *ServiceDependency_Dependency) Size() (n int) { for k, v := range m.SourceWorkloadLabels { _ = k _ = v - mapEntrySize := 1 + len(k) + sovServiceDependency(uint64(len(k))) + 1 + len(v) + sovServiceDependency(uint64(len(v))) - n += mapEntrySize + 1 + sovServiceDependency(uint64(mapEntrySize)) + mapEntrySize := 1 + len(k) + sovSidecar(uint64(len(k))) + 1 + len(v) + sovSidecar(uint64(len(v))) + n += mapEntrySize + 1 + sovSidecar(uint64(mapEntrySize)) } } if len(m.Imports) > 0 { for _, e := range m.Imports { l = e.Size() - n += 1 + l + sovServiceDependency(uint64(l)) + n += 1 + l + sovSidecar(uint64(l)) } } return n } -func sovServiceDependency(x uint64) (n int) { +func sovSidecar(x uint64) (n int) { for { n++ x >>= 7 @@ -410,8 +408,8 @@ func sovServiceDependency(x uint64) (n int) { } return n } -func sozServiceDependency(x uint64) (n int) { - return sovServiceDependency(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +func sozSidecar(x uint64) (n int) { + return sovSidecar(uint64((x << 1) ^ uint64((int64(x) >> 63)))) } func (m *ServiceDependency) Unmarshal(dAtA []byte) error { l := len(dAtA) @@ -421,7 +419,7 @@ func (m *ServiceDependency) Unmarshal(dAtA []byte) error { var wire uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { - return ErrIntOverflowServiceDependency + return ErrIntOverflowSidecar } if iNdEx >= l { return io.ErrUnexpectedEOF @@ -449,7 +447,7 @@ func (m *ServiceDependency) Unmarshal(dAtA []byte) error { var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { - return ErrIntOverflowServiceDependency + return ErrIntOverflowSidecar } if iNdEx >= l { return io.ErrUnexpectedEOF @@ -462,7 +460,7 @@ func (m *ServiceDependency) Unmarshal(dAtA []byte) error { } } if msglen < 0 { - return ErrInvalidLengthServiceDependency + return ErrInvalidLengthSidecar } postIndex := iNdEx + msglen if postIndex > l { @@ -475,12 +473,12 @@ func (m *ServiceDependency) Unmarshal(dAtA []byte) error { iNdEx = postIndex default: iNdEx = preIndex - skippy, err := skipServiceDependency(dAtA[iNdEx:]) + skippy, err := skipSidecar(dAtA[iNdEx:]) if err != nil { return err } if skippy < 0 { - return ErrInvalidLengthServiceDependency + return ErrInvalidLengthSidecar } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF @@ -502,7 +500,7 @@ func (m *ServiceDependency_Import) Unmarshal(dAtA []byte) error { var wire uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { - return ErrIntOverflowServiceDependency + return ErrIntOverflowSidecar } if iNdEx >= l { return io.ErrUnexpectedEOF @@ -530,7 +528,7 @@ func (m *ServiceDependency_Import) Unmarshal(dAtA []byte) error { var stringLen uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { - return ErrIntOverflowServiceDependency + return ErrIntOverflowSidecar } if iNdEx >= l { return io.ErrUnexpectedEOF @@ -544,7 +542,7 @@ func (m *ServiceDependency_Import) Unmarshal(dAtA []byte) error { } intStringLen := int(stringLen) if intStringLen < 0 { - return ErrInvalidLengthServiceDependency + return ErrInvalidLengthSidecar } postIndex := iNdEx + intStringLen if postIndex > l { @@ -559,7 +557,7 @@ func (m *ServiceDependency_Import) Unmarshal(dAtA []byte) error { var stringLen uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { - return ErrIntOverflowServiceDependency + return ErrIntOverflowSidecar } if iNdEx >= l { return io.ErrUnexpectedEOF @@ -573,7 +571,7 @@ func (m *ServiceDependency_Import) Unmarshal(dAtA []byte) error { } intStringLen := int(stringLen) if intStringLen < 0 { - return ErrInvalidLengthServiceDependency + return ErrInvalidLengthSidecar } postIndex := iNdEx + intStringLen if postIndex > l { @@ -583,12 +581,12 @@ func (m *ServiceDependency_Import) Unmarshal(dAtA []byte) error { iNdEx = postIndex default: iNdEx = preIndex - skippy, err := skipServiceDependency(dAtA[iNdEx:]) + skippy, err := skipSidecar(dAtA[iNdEx:]) if err != nil { return err } if skippy < 0 { - return ErrInvalidLengthServiceDependency + return ErrInvalidLengthSidecar } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF @@ -610,7 +608,7 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { var wire uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { - return ErrIntOverflowServiceDependency + return ErrIntOverflowSidecar } if iNdEx >= l { return io.ErrUnexpectedEOF @@ -638,7 +636,7 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { - return ErrIntOverflowServiceDependency + return ErrIntOverflowSidecar } if iNdEx >= l { return io.ErrUnexpectedEOF @@ -651,7 +649,7 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { } } if msglen < 0 { - return ErrInvalidLengthServiceDependency + return ErrInvalidLengthSidecar } postIndex := iNdEx + msglen if postIndex > l { @@ -667,7 +665,7 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { var wire uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { - return ErrIntOverflowServiceDependency + return ErrIntOverflowSidecar } if iNdEx >= l { return io.ErrUnexpectedEOF @@ -684,7 +682,7 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { var stringLenmapkey uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { - return ErrIntOverflowServiceDependency + return ErrIntOverflowSidecar } if iNdEx >= l { return io.ErrUnexpectedEOF @@ -698,7 +696,7 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { } intStringLenmapkey := int(stringLenmapkey) if intStringLenmapkey < 0 { - return ErrInvalidLengthServiceDependency + return ErrInvalidLengthSidecar } postStringIndexmapkey := iNdEx + intStringLenmapkey if postStringIndexmapkey > l { @@ -710,7 +708,7 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { var stringLenmapvalue uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { - return ErrIntOverflowServiceDependency + return ErrIntOverflowSidecar } if iNdEx >= l { return io.ErrUnexpectedEOF @@ -724,7 +722,7 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { } intStringLenmapvalue := int(stringLenmapvalue) if intStringLenmapvalue < 0 { - return ErrInvalidLengthServiceDependency + return ErrInvalidLengthSidecar } postStringIndexmapvalue := iNdEx + intStringLenmapvalue if postStringIndexmapvalue > l { @@ -734,12 +732,12 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { iNdEx = postStringIndexmapvalue } else { iNdEx = entryPreIndex - skippy, err := skipServiceDependency(dAtA[iNdEx:]) + skippy, err := skipSidecar(dAtA[iNdEx:]) if err != nil { return err } if skippy < 0 { - return ErrInvalidLengthServiceDependency + return ErrInvalidLengthSidecar } if (iNdEx + skippy) > postIndex { return io.ErrUnexpectedEOF @@ -756,7 +754,7 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { - return ErrIntOverflowServiceDependency + return ErrIntOverflowSidecar } if iNdEx >= l { return io.ErrUnexpectedEOF @@ -769,7 +767,7 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { } } if msglen < 0 { - return ErrInvalidLengthServiceDependency + return ErrInvalidLengthSidecar } postIndex := iNdEx + msglen if postIndex > l { @@ -782,12 +780,12 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { iNdEx = postIndex default: iNdEx = preIndex - skippy, err := skipServiceDependency(dAtA[iNdEx:]) + skippy, err := skipSidecar(dAtA[iNdEx:]) if err != nil { return err } if skippy < 0 { - return ErrInvalidLengthServiceDependency + return ErrInvalidLengthSidecar } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF @@ -801,14 +799,14 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { } return nil } -func skipServiceDependency(dAtA []byte) (n int, err error) { +func skipSidecar(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0 for iNdEx < l { var wire uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { - return 0, ErrIntOverflowServiceDependency + return 0, ErrIntOverflowSidecar } if iNdEx >= l { return 0, io.ErrUnexpectedEOF @@ -825,7 +823,7 @@ func skipServiceDependency(dAtA []byte) (n int, err error) { case 0: for shift := uint(0); ; shift += 7 { if shift >= 64 { - return 0, ErrIntOverflowServiceDependency + return 0, ErrIntOverflowSidecar } if iNdEx >= l { return 0, io.ErrUnexpectedEOF @@ -843,7 +841,7 @@ func skipServiceDependency(dAtA []byte) (n int, err error) { var length int for shift := uint(0); ; shift += 7 { if shift >= 64 { - return 0, ErrIntOverflowServiceDependency + return 0, ErrIntOverflowSidecar } if iNdEx >= l { return 0, io.ErrUnexpectedEOF @@ -857,7 +855,7 @@ func skipServiceDependency(dAtA []byte) (n int, err error) { } iNdEx += length if length < 0 { - return 0, ErrInvalidLengthServiceDependency + return 0, ErrInvalidLengthSidecar } return iNdEx, nil case 3: @@ -866,7 +864,7 @@ func skipServiceDependency(dAtA []byte) (n int, err error) { var start int = iNdEx for shift := uint(0); ; shift += 7 { if shift >= 64 { - return 0, ErrIntOverflowServiceDependency + return 0, ErrIntOverflowSidecar } if iNdEx >= l { return 0, io.ErrUnexpectedEOF @@ -882,7 +880,7 @@ func skipServiceDependency(dAtA []byte) (n int, err error) { if innerWireType == 4 { break } - next, err := skipServiceDependency(dAtA[start:]) + next, err := skipSidecar(dAtA[start:]) if err != nil { return 0, err } @@ -902,37 +900,35 @@ func skipServiceDependency(dAtA []byte) (n int, err error) { } var ( - ErrInvalidLengthServiceDependency = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowServiceDependency = fmt.Errorf("proto: integer overflow") + ErrInvalidLengthSidecar = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowSidecar = fmt.Errorf("proto: integer overflow") ) -func init() { - proto.RegisterFile("networking/v1alpha3/service_dependency.proto", fileDescriptorServiceDependency) -} - -var fileDescriptorServiceDependency = []byte{ - // 357 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xd2, 0xc9, 0x4b, 0x2d, 0x29, - 0xcf, 0x2f, 0xca, 0xce, 0xcc, 0x4b, 0xd7, 0x2f, 0x33, 0x4c, 0xcc, 0x29, 0xc8, 0x48, 0x34, 0xd6, - 0x2f, 0x4e, 0x2d, 0x2a, 0xcb, 0x4c, 0x4e, 0x8d, 0x4f, 0x49, 0x2d, 0x48, 0xcd, 0x4b, 0x49, 0xcd, - 0x4b, 0xae, 0xd4, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x92, 0xcc, 0x2c, 0x2e, 0xc9, 0xcc, 0xd7, - 0x43, 0xe8, 0xd1, 0x83, 0xe9, 0x51, 0xba, 0xcb, 0xcc, 0x25, 0x18, 0x0c, 0xd1, 0xe7, 0x02, 0xd7, - 0x26, 0x14, 0xcd, 0xc5, 0x03, 0x37, 0x24, 0x33, 0xb5, 0x58, 0x82, 0x51, 0x81, 0x59, 0x83, 0xdb, - 0xc8, 0x5c, 0x0f, 0xa7, 0x39, 0x7a, 0x18, 0x66, 0xe8, 0x21, 0x98, 0x41, 0x28, 0x86, 0x49, 0x59, - 0x71, 0xb1, 0x79, 0xe6, 0x16, 0xe4, 0x17, 0x95, 0x08, 0xc9, 0x70, 0x71, 0xe6, 0x25, 0xe6, 0xa6, - 0x16, 0x17, 0x24, 0x26, 0xa7, 0x4a, 0x30, 0x2a, 0x30, 0x6a, 0x70, 0x06, 0x21, 0x04, 0x84, 0x84, - 0xb8, 0x58, 0x32, 0xf2, 0x8b, 0x4b, 0x24, 0x98, 0xc0, 0x12, 0x60, 0xb6, 0xd4, 0x3a, 0x26, 0x2e, - 0x2e, 0x24, 0x77, 0xb6, 0x33, 0x72, 0x89, 0x15, 0xe7, 0x97, 0x16, 0x25, 0xa7, 0xc6, 0x83, 0x5c, - 0x94, 0x93, 0x9f, 0x98, 0x12, 0x9f, 0x93, 0x98, 0x94, 0x9a, 0x03, 0x73, 0x72, 0x20, 0x99, 0x4e, - 0xd6, 0x0b, 0x06, 0x9b, 0x1a, 0x0e, 0x35, 0xd4, 0x07, 0x6c, 0xa6, 0x6b, 0x5e, 0x49, 0x51, 0x65, - 0x90, 0x48, 0x31, 0x16, 0x29, 0x21, 0x5f, 0x2e, 0xf6, 0x4c, 0xb0, 0xa7, 0x8a, 0x25, 0x98, 0xc0, - 0x36, 0x1b, 0x93, 0x64, 0x33, 0x24, 0x40, 0x82, 0x60, 0x66, 0x48, 0xb9, 0x73, 0x49, 0xe2, 0x74, - 0x81, 0x90, 0x00, 0x17, 0x73, 0x76, 0x6a, 0x25, 0x34, 0xc0, 0x40, 0x4c, 0x21, 0x11, 0x2e, 0xd6, - 0xb2, 0xc4, 0x9c, 0xd2, 0x54, 0x68, 0x58, 0x41, 0x38, 0x56, 0x4c, 0x16, 0x8c, 0x5a, 0x6a, 0x5c, - 0xdc, 0xce, 0xf9, 0x79, 0x69, 0x99, 0xe9, 0xc1, 0xc9, 0xf9, 0x05, 0xa9, 0x42, 0x5c, 0x5c, 0x6c, - 0x01, 0xa1, 0x4e, 0x3e, 0x9e, 0xce, 0x02, 0x0c, 0x42, 0xdc, 0x5c, 0xec, 0x01, 0x41, 0x9e, 0x61, - 0x8e, 0x21, 0xae, 0x02, 0x8c, 0x4e, 0x7a, 0x27, 0x1e, 0xc9, 0x31, 0x5e, 0x78, 0x24, 0xc7, 0xf8, - 0xe0, 0x91, 0x1c, 0x63, 0x94, 0x02, 0xc4, 0xed, 0x99, 0xf9, 0xfa, 0x89, 0x05, 0x99, 0xfa, 0x58, - 0xd2, 0x5a, 0x12, 0x1b, 0x38, 0x65, 0x19, 0x03, 0x02, 0x00, 0x00, 0xff, 0xff, 0x1e, 0x25, 0xbe, - 0xb4, 0x89, 0x02, 0x00, 0x00, +func init() { proto.RegisterFile("networking/v1alpha3/sidecar.proto", fileDescriptorSidecar) } + +var fileDescriptorSidecar = []byte{ + // 356 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x92, 0xdf, 0x4a, 0x32, 0x41, + 0x14, 0xc0, 0xbf, 0x59, 0xbf, 0x4f, 0xf1, 0xf8, 0x5d, 0xd8, 0x20, 0xb1, 0x4a, 0x88, 0x75, 0x11, + 0xd2, 0xc5, 0x2c, 0xe5, 0x45, 0xe1, 0x5d, 0x9a, 0x84, 0x60, 0x60, 0x6b, 0x7f, 0xa0, 0x2e, 0x64, + 0xdc, 0x3d, 0xe9, 0xe0, 0xba, 0xb3, 0xec, 0xac, 0x86, 0x4f, 0xd0, 0xdb, 0xf4, 0x1c, 0x5d, 0xf6, + 0x02, 0x41, 0xf8, 0x24, 0xe1, 0xe8, 0x62, 0x91, 0x5e, 0xd4, 0xdd, 0x39, 0x73, 0x0e, 0xbf, 0xf3, + 0x9b, 0xc3, 0x81, 0x5d, 0x1f, 0xa3, 0x47, 0x19, 0x0e, 0x85, 0xdf, 0xb7, 0x26, 0x87, 0xdc, 0x0b, + 0x06, 0xbc, 0x62, 0x29, 0xe1, 0xa2, 0xc3, 0x43, 0x16, 0x84, 0x32, 0x92, 0x34, 0x2f, 0x54, 0x24, + 0x24, 0x5b, 0x35, 0xb2, 0xb8, 0x71, 0xef, 0x2d, 0x01, 0x5b, 0x1d, 0x0c, 0x27, 0xc2, 0xc1, 0x33, + 0x0c, 0xd0, 0x77, 0xd1, 0x77, 0xa6, 0xf4, 0x1e, 0xfe, 0xbb, 0x71, 0x26, 0x50, 0x99, 0xa4, 0x94, + 0x28, 0x67, 0x8e, 0x8e, 0xd9, 0x46, 0x0e, 0xfb, 0xc6, 0x60, 0xab, 0xd0, 0xfe, 0x02, 0x2b, 0x54, + 0x21, 0xd9, 0x1c, 0x05, 0x32, 0x8c, 0xe8, 0x0e, 0xa4, 0x7d, 0x3e, 0x42, 0x15, 0x70, 0x07, 0x4d, + 0x52, 0x22, 0xe5, 0xb4, 0xbd, 0x7a, 0xa0, 0x14, 0xfe, 0x0e, 0xa4, 0x8a, 0x4c, 0x43, 0x17, 0x74, + 0x5c, 0x78, 0x36, 0x00, 0x3e, 0x79, 0x3e, 0x11, 0xd8, 0x56, 0x72, 0x1c, 0x3a, 0xd8, 0x9d, 0x1b, + 0x79, 0x92, 0xbb, 0x5d, 0x8f, 0xf7, 0xd0, 0x8b, 0x95, 0x2f, 0x7f, 0xa9, 0xcc, 0x3a, 0x9a, 0x7a, + 0xbb, 0x84, 0xb6, 0x34, 0xb3, 0xe1, 0x47, 0xe1, 0xd4, 0xce, 0xa9, 0x35, 0x25, 0x7a, 0x01, 0x29, + 0xa1, 0x3f, 0xa5, 0x4c, 0x43, 0x4f, 0xae, 0xfc, 0x68, 0xf2, 0x62, 0x21, 0x76, 0xcc, 0x28, 0x9c, + 0x43, 0x7e, 0xa3, 0x01, 0xcd, 0x42, 0x62, 0x88, 0xd3, 0xe5, 0xc2, 0xe6, 0x21, 0xcd, 0xc1, 0xbf, + 0x09, 0xf7, 0xc6, 0xb8, 0xdc, 0xd5, 0x22, 0xa9, 0x1a, 0x27, 0xe4, 0x60, 0x1f, 0x32, 0x75, 0xe9, + 0x3f, 0x88, 0x7e, 0xc7, 0x91, 0x01, 0x52, 0x80, 0x64, 0xfb, 0xba, 0xd6, 0x6a, 0xd6, 0xb3, 0x7f, + 0x68, 0x06, 0x52, 0x6d, 0xbb, 0x79, 0x73, 0x7a, 0xd5, 0xc8, 0x92, 0x1a, 0x7b, 0x99, 0x15, 0xc9, + 0xeb, 0xac, 0x48, 0xde, 0x67, 0x45, 0x72, 0x57, 0x5a, 0xb8, 0x0b, 0x69, 0xf1, 0x40, 0x58, 0x6b, + 0x0e, 0xac, 0x97, 0xd4, 0x97, 0x55, 0xf9, 0x08, 0x00, 0x00, 0xff, 0xff, 0x8b, 0x5e, 0x39, 0xb5, + 0x7e, 0x02, 0x00, 0x00, } diff --git a/networking/v1alpha3/service_dependency.proto b/networking/v1alpha3/sidecar.proto similarity index 100% rename from networking/v1alpha3/service_dependency.proto rename to networking/v1alpha3/sidecar.proto diff --git a/networking/v1alpha3/virtual_service.pb.go b/networking/v1alpha3/virtual_service.pb.go index 9394e691ce..8b22a1e0c4 100644 --- a/networking/v1alpha3/virtual_service.pb.go +++ b/networking/v1alpha3/virtual_service.pb.go @@ -9131,119 +9131,119 @@ func init() { } var fileDescriptorVirtualService = []byte{ - // 1818 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x59, 0x4f, 0x73, 0xe3, 0x48, - 0x15, 0x1f, 0xd9, 0x96, 0xff, 0x3c, 0x3b, 0x99, 0xa4, 0xc9, 0xce, 0x6a, 0xcc, 0xd6, 0x90, 0xf5, - 0xb2, 0x4b, 0xa8, 0xdd, 0x75, 0x0a, 0x0f, 0x2c, 0xa9, 0x65, 0x76, 0x76, 0x93, 0xcc, 0xcc, 0x7a, - 0xa8, 0x19, 0x26, 0x25, 0x87, 0x3d, 0x70, 0x51, 0xc9, 0xd2, 0x8b, 0x2d, 0x46, 0x96, 0x44, 0xab, - 0x95, 0xc4, 0xc5, 0x91, 0x3f, 0x77, 0x28, 0xae, 0x14, 0x9f, 0x82, 0x0b, 0x17, 0xae, 0x9c, 0x28, - 0x3e, 0x01, 0x35, 0x35, 0x07, 0xae, 0x7c, 0x05, 0xaa, 0xff, 0x48, 0x56, 0xe2, 0xc4, 0xb2, 0xc3, - 0x40, 0xed, 0x29, 0xee, 0xee, 0xf7, 0x7b, 0xfd, 0xfa, 0x75, 0xbf, 0xf7, 0x7e, 0x7a, 0x81, 0xef, - 0x06, 0xc8, 0xce, 0x42, 0xfa, 0xd2, 0x0b, 0x46, 0xbb, 0xa7, 0xdf, 0xb3, 0xfd, 0x68, 0x6c, 0xdf, - 0xdf, 0x3d, 0xf5, 0x28, 0x4b, 0x6c, 0xdf, 0x8a, 0x91, 0x9e, 0x7a, 0x0e, 0x76, 0x23, 0x1a, 0xb2, - 0x90, 0xdc, 0xf5, 0x62, 0xe6, 0x85, 0xdd, 0x19, 0xa0, 0x9b, 0x02, 0xda, 0xf7, 0x46, 0x61, 0x38, - 0xf2, 0x71, 0x57, 0x08, 0x0e, 0x93, 0x93, 0x5d, 0x37, 0xa1, 0x36, 0xf3, 0xc2, 0x40, 0x42, 0xe7, - 0xd7, 0xcf, 0xa8, 0x1d, 0x45, 0x48, 0x63, 0xb5, 0xfe, 0xd1, 0x55, 0x56, 0xa8, 0xdd, 0x2d, 0x17, - 0x23, 0x0c, 0x5c, 0x0c, 0x9c, 0xa9, 0x94, 0xee, 0xfc, 0xb9, 0x04, 0xeb, 0x5f, 0x49, 0x13, 0x07, - 0x52, 0x86, 0x6c, 0x81, 0x3e, 0x0e, 0x63, 0x16, 0x1b, 0xda, 0x76, 0x79, 0xa7, 0x61, 0xca, 0x01, - 0x69, 0x43, 0x7d, 0x64, 0x33, 0x3c, 0xb3, 0xa7, 0xb1, 0x51, 0x12, 0x0b, 0xd9, 0x98, 0xec, 0x41, - 0x65, 0xcc, 0x58, 0x64, 0x94, 0xb7, 0xcb, 0x3b, 0xcd, 0xde, 0xb7, 0xbb, 0xd7, 0x1e, 0xae, 0xdb, - 0x3f, 0x3e, 0x3e, 0x32, 0xc3, 0x84, 0xa1, 0x29, 0x10, 0xe4, 0x07, 0x50, 0x66, 0x4e, 0x64, 0x54, - 0x04, 0xf0, 0xbd, 0x05, 0xc0, 0xe3, 0x43, 0x85, 0xe3, 0xf2, 0x02, 0xe6, 0xc7, 0x86, 0x5e, 0x0c, - 0x7b, 0x36, 0x48, 0x61, 0x7e, 0x4c, 0x9e, 0x42, 0xcb, 0x09, 0x83, 0x13, 0x6f, 0x64, 0xc5, 0x4e, - 0x18, 0xa1, 0x51, 0xdd, 0xd6, 0x76, 0xd6, 0x7b, 0x1f, 0x2c, 0xc0, 0x1f, 0x0a, 0xf1, 0x01, 0x97, - 0x36, 0x9b, 0xce, 0x6c, 0xd0, 0x39, 0x85, 0xe6, 0x23, 0x8c, 0x99, 0x17, 0x88, 0xab, 0x21, 0x04, - 0x2a, 0xdc, 0x4d, 0x86, 0xb6, 0xad, 0xed, 0x34, 0x4c, 0xf1, 0x9b, 0xdc, 0x81, 0x6a, 0x9c, 0x0c, - 0x63, 0x64, 0x46, 0x49, 0xcc, 0xaa, 0x11, 0xf9, 0x11, 0x54, 0xa2, 0x90, 0x32, 0xa3, 0xbc, 0xad, - 0xed, 0x34, 0x7b, 0xdf, 0x59, 0xb0, 0xfb, 0x51, 0x48, 0xd9, 0x00, 0x7d, 0x74, 0x58, 0x48, 0x4d, - 0x01, 0xea, 0xfc, 0x1b, 0xa0, 0x91, 0x39, 0x91, 0xec, 0x83, 0x3e, 0xb1, 0x99, 0x33, 0x16, 0x57, - 0xd5, 0xec, 0x7d, 0x58, 0xe0, 0xf9, 0xe7, 0x5c, 0xd6, 0xc4, 0x5f, 0x24, 0x18, 0x33, 0x53, 0x22, - 0xc9, 0x63, 0xd0, 0x29, 0xd7, 0x25, 0x2e, 0xb5, 0xd9, 0xdb, 0x5d, 0xe6, 0xf2, 0x72, 0x27, 0x37, - 0x25, 0x9a, 0x1c, 0x42, 0x9d, 0xa2, 0xeb, 0x51, 0x74, 0x96, 0x39, 0x98, 0xd0, 0xa4, 0xc4, 0xcd, - 0x0c, 0x48, 0xbe, 0x80, 0x1a, 0xc5, 0x33, 0xea, 0x31, 0x34, 0x2a, 0x42, 0xc7, 0x07, 0x85, 0x3a, - 0x84, 0xb4, 0x99, 0xc2, 0xc8, 0x87, 0xb0, 0x79, 0x86, 0xc3, 0x38, 0x74, 0x5e, 0x22, 0xb3, 0x92, - 0x68, 0x44, 0x6d, 0x17, 0x0d, 0x7d, 0x5b, 0xdb, 0xa9, 0x9b, 0x1b, 0xd9, 0xc2, 0x4f, 0xe5, 0x3c, - 0xb9, 0x0f, 0x35, 0xe6, 0x4d, 0x30, 0x4c, 0x98, 0x78, 0x09, 0xcd, 0xde, 0xdd, 0xae, 0x8c, 0xad, - 0x6e, 0x1a, 0x5b, 0xdd, 0x47, 0x2a, 0xf6, 0xcc, 0x54, 0x92, 0x3c, 0xe4, 0x36, 0x32, 0xea, 0x61, - 0x6c, 0xd4, 0x04, 0xa8, 0xf0, 0xb9, 0x23, 0xa3, 0x53, 0x33, 0x05, 0x91, 0x43, 0xd0, 0x4f, 0xec, - 0xc4, 0x67, 0x46, 0x5d, 0xa0, 0x3f, 0x2e, 0x40, 0x3f, 0xe1, 0xb2, 0x4f, 0x83, 0x9f, 0xa3, 0x23, - 0xbd, 0x2d, 0xb0, 0xe4, 0x21, 0x54, 0x27, 0x1e, 0xa5, 0x21, 0x35, 0x1a, 0x85, 0x7e, 0xca, 0x5f, - 0x96, 0x42, 0x91, 0x27, 0xd0, 0x74, 0x42, 0x1a, 0x5b, 0x51, 0xe8, 0x7b, 0xce, 0xd4, 0x00, 0xa1, - 0xe4, 0xfd, 0x85, 0x71, 0x40, 0xe3, 0x23, 0x21, 0x6c, 0x82, 0x93, 0xfd, 0x26, 0x43, 0x58, 0xe7, - 0xb9, 0x27, 0x70, 0xad, 0x31, 0xda, 0x2e, 0xd2, 0xd8, 0x68, 0x8a, 0x57, 0xf4, 0xc3, 0x65, 0x5e, - 0x51, 0x77, 0x5f, 0x40, 0xfb, 0x12, 0xf9, 0x38, 0x60, 0x74, 0x7a, 0x50, 0x32, 0x34, 0x73, 0xcd, - 0xce, 0xcf, 0x93, 0x4f, 0xe1, 0x6d, 0x8a, 0x93, 0xf0, 0x14, 0x2d, 0x8a, 0x71, 0x14, 0x06, 0x31, - 0x66, 0x9b, 0xb5, 0x78, 0x1e, 0x12, 0x98, 0xb7, 0xa4, 0x88, 0xa9, 0x24, 0x52, 0xec, 0x2f, 0xe1, - 0x6d, 0x65, 0xdf, 0x1c, 0x76, 0x4d, 0x18, 0xfa, 0xf9, 0x0a, 0x86, 0x5e, 0x52, 0x3e, 0x33, 0xf8, - 0x2d, 0xfb, 0xaa, 0x75, 0xb2, 0x07, 0x77, 0x32, 0xc3, 0x45, 0xc8, 0x65, 0x7b, 0xaf, 0x67, 0x76, - 0x6f, 0xa5, 0x76, 0x0b, 0x81, 0x14, 0x79, 0x0e, 0x77, 0x32, 0xb3, 0x2f, 0x22, 0x6f, 0x0b, 0xab, - 0x1f, 0xae, 0x64, 0x75, 0x5e, 0xf5, 0xcc, 0xe8, 0x2d, 0xfb, 0x8a, 0x65, 0xf2, 0x00, 0x6a, 0xe9, - 0x56, 0x1b, 0xe2, 0x51, 0x74, 0x16, 0x6d, 0x25, 0x25, 0xcd, 0x14, 0xd2, 0xfe, 0x02, 0xc8, 0xfc, - 0x9d, 0x92, 0x0d, 0x28, 0xbf, 0xc4, 0xa9, 0x4a, 0x8d, 0xfc, 0x27, 0xaf, 0x30, 0xa7, 0xb6, 0x9f, - 0xa0, 0x4a, 0x8c, 0x72, 0xf0, 0x69, 0x69, 0x4f, 0x6b, 0xf7, 0xa1, 0x7d, 0xbd, 0xb3, 0x57, 0xd2, - 0xf4, 0x25, 0xdc, 0xbd, 0xd6, 0x01, 0xab, 0x28, 0xea, 0xfc, 0xab, 0x0c, 0xb5, 0xd4, 0x3d, 0xcf, - 0x79, 0xf0, 0x0b, 0x75, 0x02, 0xdb, 0xec, 0xdd, 0x2f, 0x76, 0x8f, 0xfa, 0xfb, 0x22, 0x42, 0x99, - 0x4a, 0x62, 0x33, 0xd5, 0x41, 0x5e, 0xf0, 0xa4, 0x29, 0xcf, 0x29, 0xf6, 0xbd, 0xa1, 0xbe, 0x4c, - 0x49, 0xfb, 0x2f, 0x25, 0xd8, 0xb8, 0xbc, 0x4c, 0x7e, 0x02, 0x65, 0x5e, 0x84, 0x64, 0x89, 0x78, - 0x70, 0x83, 0x0d, 0xba, 0x03, 0x64, 0xc2, 0x6f, 0x26, 0x57, 0xc4, 0xf5, 0xd9, 0xae, 0xab, 0xea, - 0xc5, 0x8d, 0xf4, 0xed, 0xbb, 0xae, 0xd2, 0x67, 0xbb, 0x2e, 0xaf, 0x93, 0x32, 0x0a, 0x04, 0x7f, - 0x68, 0x98, 0x6a, 0xd4, 0xfe, 0x04, 0xea, 0xe9, 0xc6, 0x2b, 0xdd, 0xfc, 0x27, 0x50, 0x4f, 0x37, - 0x58, 0xe9, 0xa2, 0x7f, 0xaf, 0x41, 0x3d, 0xe5, 0x0b, 0x3c, 0x4d, 0xe7, 0x2b, 0xeb, 0xc7, 0x8b, - 0x39, 0x86, 0x28, 0xac, 0xfb, 0x8c, 0x51, 0x6f, 0x98, 0x30, 0x8c, 0xd3, 0xda, 0xba, 0x7f, 0xb1, - 0xb6, 0x2e, 0x2a, 0xcf, 0xd7, 0xd4, 0xd5, 0xce, 0xef, 0xb8, 0x51, 0x8a, 0xfb, 0x90, 0x83, 0x8b, - 0x46, 0x7d, 0xb4, 0x40, 0xdf, 0xb3, 0xef, 0xff, 0xef, 0x6c, 0xfa, 0x93, 0x0e, 0x1b, 0x97, 0xe9, - 0x04, 0xd9, 0x83, 0x72, 0x42, 0x3d, 0x15, 0x16, 0x8b, 0xea, 0xd1, 0x80, 0x51, 0x2f, 0x18, 0x49, - 0x2c, 0x87, 0xf0, 0x62, 0x16, 0x3b, 0x63, 0x9c, 0xa4, 0x31, 0xb0, 0x2c, 0x58, 0xa1, 0x44, 0x31, - 0x44, 0x36, 0x0e, 0x5d, 0x45, 0x3c, 0x96, 0xc6, 0x4b, 0x14, 0x79, 0x04, 0x0d, 0x3b, 0x61, 0xe3, - 0x90, 0x7a, 0x6c, 0xba, 0x04, 0xef, 0xc8, 0xab, 0x98, 0x01, 0x89, 0x39, 0xcb, 0x9c, 0x92, 0x96, - 0xee, 0xad, 0x40, 0xc6, 0xba, 0xf9, 0xec, 0x94, 0xe5, 0x53, 0xce, 0x2a, 0x05, 0x53, 0xe4, 0xec, - 0x64, 0x4d, 0x12, 0x40, 0x32, 0x84, 0xb5, 0x38, 0x4c, 0xa8, 0x83, 0x96, 0x6f, 0x0f, 0xd1, 0xe7, - 0x2c, 0x84, 0xef, 0xf6, 0xd9, 0x2a, 0xbb, 0x0d, 0x84, 0x82, 0x67, 0x02, 0x2f, 0xb7, 0x6c, 0xc5, - 0xb9, 0xa9, 0x0b, 0x5c, 0xbf, 0x7e, 0x91, 0xeb, 0xb7, 0x87, 0xd0, 0x2a, 0x48, 0xa5, 0x0f, 0xf2, - 0x11, 0xb6, 0xbc, 0x2f, 0x73, 0x11, 0xfc, 0x39, 0x6c, 0xce, 0x99, 0xb8, 0x52, 0x28, 0xff, 0x5d, - 0x87, 0xad, 0xab, 0xd8, 0x2a, 0xe9, 0x43, 0xd3, 0x9d, 0x0d, 0x97, 0x78, 0xad, 0xf9, 0xe7, 0x9f, - 0x87, 0xf2, 0xac, 0x75, 0x86, 0xde, 0x68, 0x2c, 0xd9, 0xbd, 0x6e, 0xaa, 0xd1, 0x22, 0xba, 0x52, - 0x2e, 0xa2, 0x2b, 0xbf, 0xd5, 0xae, 0xe7, 0x2b, 0xf2, 0x13, 0xe9, 0xc7, 0x2b, 0xd2, 0xf3, 0x37, - 0x4e, 0x5d, 0xf4, 0x02, 0xea, 0xf2, 0x2b, 0xed, 0x5a, 0xee, 0x52, 0x15, 0x27, 0x78, 0x7a, 0xd3, - 0x13, 0xdc, 0x90, 0xc6, 0xd4, 0x56, 0xa7, 0x31, 0x5f, 0x43, 0x12, 0xc2, 0x60, 0xe3, 0xff, 0xff, - 0x96, 0x3b, 0x7f, 0x2d, 0xc1, 0xe6, 0x5c, 0x21, 0x21, 0xbb, 0xf0, 0x8d, 0x1c, 0xd8, 0x8a, 0x93, - 0x61, 0x80, 0x59, 0xb7, 0x80, 0xe4, 0x96, 0x06, 0x72, 0x25, 0x4b, 0x63, 0xa5, 0x5c, 0x1a, 0x7b, - 0x2f, 0x4b, 0x63, 0x12, 0x2f, 0x72, 0x77, 0x23, 0xcd, 0x43, 0x12, 0x49, 0x9c, 0xcb, 0xb9, 0xae, - 0x52, 0x48, 0x7f, 0xe7, 0xcc, 0x5d, 0x29, 0xd9, 0xe9, 0x97, 0x92, 0xdd, 0x7f, 0x9d, 0x88, 0xfe, - 0x59, 0x02, 0x32, 0xcf, 0x0f, 0xc8, 0x37, 0xa1, 0x11, 0x07, 0x9e, 0x95, 0x6f, 0xb3, 0xd4, 0xe3, - 0xc0, 0xeb, 0x8b, 0x4e, 0xcb, 0x35, 0xfe, 0x2d, 0x15, 0xfa, 0xb7, 0xbc, 0xc8, 0xbf, 0x95, 0x2b, - 0xfc, 0xeb, 0x5e, 0xf6, 0xaf, 0x5e, 0xf8, 0x51, 0x34, 0x7f, 0x98, 0x95, 0x1c, 0x5c, 0x7d, 0xd3, - 0x0e, 0x7e, 0x08, 0xad, 0x7c, 0x33, 0x81, 0x63, 0x53, 0x1a, 0xd2, 0x90, 0xf4, 0xe2, 0x9d, 0x7c, - 0x79, 0x97, 0xf8, 0xd9, 0x44, 0xe7, 0x33, 0x68, 0xe6, 0x1a, 0x09, 0x2b, 0xc3, 0x11, 0x9a, 0xb9, - 0x1a, 0x46, 0xee, 0x80, 0x8e, 0xe7, 0xb6, 0xa3, 0xfa, 0x40, 0xfd, 0x5b, 0xa6, 0x1c, 0x12, 0x03, - 0xaa, 0x11, 0xc5, 0x13, 0xef, 0x5c, 0x6a, 0xe8, 0xdf, 0x32, 0xd5, 0x98, 0x23, 0x28, 0x8e, 0xf0, - 0x5c, 0xbe, 0x7f, 0x8e, 0x10, 0xc3, 0x83, 0x16, 0x80, 0xe0, 0x6b, 0x16, 0x9b, 0x46, 0xd8, 0xf9, - 0x8d, 0xa6, 0xba, 0x3e, 0xc8, 0xfd, 0xd3, 0x86, 0xba, 0xcd, 0x18, 0x4e, 0x22, 0xf1, 0x78, 0x78, - 0xc0, 0x66, 0x63, 0xb2, 0x0f, 0xb7, 0x23, 0xa4, 0x16, 0xa3, 0x53, 0x2b, 0xed, 0x6d, 0x94, 0x8a, - 0x7a, 0x1b, 0x6b, 0x11, 0xd2, 0x63, 0x3a, 0x3d, 0x56, 0x1d, 0x8e, 0xbb, 0xfc, 0xab, 0x84, 0x2b, - 0x08, 0x03, 0x15, 0x95, 0xa2, 0x79, 0x31, 0x7d, 0x11, 0x74, 0xfe, 0x58, 0x02, 0x98, 0xb5, 0x02, - 0xc8, 0xbb, 0xd0, 0xb2, 0x7d, 0x3f, 0x3c, 0xb3, 0x42, 0xea, 0x8d, 0xbc, 0x40, 0xbd, 0xe4, 0xa6, - 0x98, 0x7b, 0x21, 0xa6, 0xf8, 0x3b, 0x94, 0x22, 0x92, 0x6c, 0xa5, 0xcf, 0x58, 0xe2, 0x9e, 0xcb, - 0xb9, 0x99, 0xd0, 0x85, 0x4a, 0xa9, 0x84, 0xd2, 0x9c, 0xfe, 0x3e, 0xac, 0xe3, 0x79, 0x14, 0x5e, - 0x2a, 0x89, 0x0d, 0x73, 0x4d, 0xce, 0xa6, 0x62, 0x3d, 0xa8, 0x4d, 0xec, 0x73, 0xcb, 0x1e, 0xc9, - 0xbe, 0xcf, 0xc2, 0x83, 0x57, 0x27, 0xf6, 0xf9, 0xfe, 0x08, 0xc9, 0x97, 0xb0, 0x29, 0xf7, 0x77, - 0x28, 0xba, 0x18, 0x30, 0xcf, 0xf6, 0x63, 0xd5, 0x12, 0x6a, 0xcf, 0xa1, 0x0f, 0xc2, 0xd0, 0xff, - 0x8a, 0xbf, 0x3f, 0x73, 0x43, 0x80, 0x0e, 0x67, 0x98, 0xce, 0x1f, 0x74, 0x20, 0xf3, 0x5d, 0x1b, - 0xf2, 0x14, 0x74, 0x17, 0x7d, 0x7b, 0xba, 0xcc, 0x47, 0xe3, 0x1c, 0xba, 0xfb, 0x88, 0x43, 0x4d, - 0xa9, 0x81, 0xab, 0xb2, 0x87, 0x69, 0x32, 0x5d, 0x59, 0xd5, 0x3e, 0x87, 0x9a, 0x52, 0x43, 0xfb, - 0xd7, 0x25, 0xd0, 0x85, 0x6e, 0xf2, 0x0e, 0xd4, 0x22, 0xa4, 0x0e, 0x06, 0xf2, 0xe1, 0xea, 0xa2, - 0xb2, 0xa6, 0x53, 0xe4, 0x01, 0x34, 0x4f, 0xbc, 0x73, 0x74, 0x2d, 0x79, 0x86, 0xa2, 0xe7, 0xd4, - 0xbf, 0x65, 0x82, 0x90, 0x97, 0xba, 0xfb, 0xb0, 0xc9, 0x2f, 0x28, 0x90, 0x2e, 0x52, 0x3a, 0xca, - 0xc5, 0x3a, 0x36, 0x72, 0x28, 0xa9, 0xe9, 0x00, 0x40, 0x99, 0x34, 0xbb, 0xdc, 0x45, 0x75, 0xfd, - 0x48, 0x0a, 0x9b, 0x39, 0xd4, 0xc1, 0x26, 0xdc, 0x1e, 0x33, 0x16, 0x49, 0x33, 0x44, 0x6c, 0xb5, - 0x5f, 0x69, 0xa0, 0x0b, 0xbf, 0x14, 0xb8, 0xe1, 0x5d, 0x68, 0x0a, 0x68, 0xcc, 0x6c, 0x96, 0xc4, - 0xb2, 0x52, 0xf2, 0xb3, 0xf2, 0xc9, 0x81, 0x98, 0xe3, 0x22, 0x23, 0x1a, 0x39, 0xa9, 0x48, 0x1a, - 0xd2, 0xc0, 0x27, 0x67, 0x22, 0x1c, 0xd0, 0xb3, 0x50, 0xb4, 0xef, 0x2a, 0xa9, 0x88, 0x98, 0x7c, - 0x2c, 0x9a, 0x73, 0x6f, 0xe2, 0x9c, 0x2d, 0x00, 0xb1, 0x81, 0x4c, 0x1f, 0x4f, 0xa0, 0x95, 0x6f, - 0x25, 0xf3, 0x74, 0x14, 0x24, 0x93, 0x21, 0x52, 0x71, 0xce, 0x35, 0x9e, 0x8e, 0xe4, 0x98, 0x6c, - 0x41, 0x25, 0xb0, 0xd5, 0x97, 0x18, 0xb7, 0x4b, 0x8c, 0x0e, 0xaa, 0xb2, 0xc0, 0x74, 0xbe, 0x05, - 0x35, 0xb5, 0xd9, 0x2c, 0x23, 0x73, 0x0d, 0x9a, 0xca, 0xc8, 0x07, 0xdd, 0xbf, 0xbd, 0xbe, 0xa7, - 0xfd, 0xe3, 0xf5, 0x3d, 0xed, 0xd5, 0xeb, 0x7b, 0xda, 0xcf, 0xb6, 0xa5, 0xcd, 0x5e, 0xb8, 0x6b, - 0x47, 0xde, 0xee, 0x15, 0xff, 0x96, 0x18, 0x56, 0xc5, 0xcd, 0xdf, 0xff, 0x4f, 0x00, 0x00, 0x00, - 0xff, 0xff, 0x0d, 0x63, 0x49, 0x86, 0x3a, 0x19, 0x00, 0x00, + // 1812 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x59, 0x4f, 0x73, 0x1b, 0x49, + 0x15, 0xcf, 0x48, 0x1a, 0xfd, 0x79, 0x92, 0x1d, 0xbb, 0xf1, 0x66, 0x27, 0x62, 0x2b, 0x38, 0x5a, + 0x76, 0x31, 0xb5, 0xac, 0x5c, 0x28, 0xb0, 0xb8, 0x96, 0x6c, 0x76, 0x6d, 0x27, 0x59, 0x85, 0x4a, + 0x88, 0x6b, 0x64, 0xf6, 0xc0, 0x65, 0xaa, 0x35, 0xd3, 0x96, 0x86, 0x8c, 0x66, 0x86, 0xee, 0x1e, + 0xdb, 0x2a, 0x8e, 0xfc, 0xb9, 0x43, 0x71, 0xa5, 0xf8, 0x14, 0x5c, 0xb8, 0x70, 0xe5, 0x44, 0xf1, + 0x09, 0xa8, 0x54, 0x0e, 0x5c, 0xf9, 0x0a, 0x54, 0xff, 0x99, 0xd1, 0xd8, 0xb2, 0x35, 0x92, 0x09, + 0x14, 0x27, 0xab, 0xbb, 0xdf, 0xef, 0xf5, 0xeb, 0xd7, 0xfd, 0xde, 0xfb, 0xcd, 0x33, 0x7c, 0x3b, + 0x24, 0xfc, 0x2c, 0xa2, 0xaf, 0xfc, 0x70, 0xb4, 0x7b, 0xfa, 0x5d, 0x1c, 0xc4, 0x63, 0xfc, 0x60, + 0xf7, 0xd4, 0xa7, 0x3c, 0xc1, 0x81, 0xc3, 0x08, 0x3d, 0xf5, 0x5d, 0xd2, 0x8d, 0x69, 0xc4, 0x23, + 0x74, 0xd7, 0x67, 0xdc, 0x8f, 0xba, 0x33, 0x40, 0x37, 0x05, 0xb4, 0xef, 0x8d, 0xa2, 0x68, 0x14, + 0x90, 0x5d, 0x29, 0x38, 0x4c, 0x4e, 0x76, 0xbd, 0x84, 0x62, 0xee, 0x47, 0xa1, 0x82, 0xce, 0xaf, + 0x9f, 0x51, 0x1c, 0xc7, 0x84, 0x32, 0xbd, 0x7e, 0xff, 0x2a, 0x2b, 0x98, 0xef, 0x11, 0x17, 0x53, + 0x25, 0xd2, 0xf9, 0x53, 0x09, 0xd6, 0xbf, 0x52, 0x76, 0x0d, 0x94, 0x59, 0x68, 0x0b, 0xcc, 0x71, + 0xc4, 0x38, 0xb3, 0x8c, 0xed, 0xf2, 0x4e, 0xc3, 0x56, 0x03, 0xd4, 0x86, 0xfa, 0x08, 0x73, 0x72, + 0x86, 0xa7, 0xcc, 0x2a, 0xc9, 0x85, 0x6c, 0x8c, 0xf6, 0xa0, 0x32, 0xe6, 0x3c, 0xb6, 0xca, 0xdb, + 0xe5, 0x9d, 0x66, 0xef, 0x9b, 0xdd, 0x6b, 0x4f, 0xd4, 0xed, 0x1f, 0x1f, 0x1f, 0xd9, 0x51, 0xc2, + 0x89, 0x2d, 0x11, 0xe8, 0xfb, 0x50, 0xe6, 0x6e, 0x6c, 0x55, 0x24, 0xf0, 0xfd, 0x05, 0xc0, 0xe3, + 0x43, 0x8d, 0x13, 0xf2, 0x12, 0x16, 0x30, 0xcb, 0x2c, 0x86, 0x3d, 0x1f, 0xa4, 0xb0, 0x80, 0xa1, + 0x67, 0xd0, 0x72, 0xa3, 0xf0, 0xc4, 0x1f, 0x39, 0xcc, 0x8d, 0x62, 0x62, 0x55, 0xb7, 0x8d, 0x9d, + 0xf5, 0xde, 0x87, 0x0b, 0xf0, 0x87, 0x52, 0x7c, 0x20, 0xa4, 0xed, 0xa6, 0x3b, 0x1b, 0x74, 0x4e, + 0xa1, 0xf9, 0x98, 0x30, 0xee, 0x87, 0xf2, 0x3e, 0x10, 0x82, 0x8a, 0x70, 0x93, 0x65, 0x6c, 0x1b, + 0x3b, 0x0d, 0x5b, 0xfe, 0x46, 0x77, 0xa0, 0xca, 0x92, 0x21, 0x23, 0xdc, 0x2a, 0xc9, 0x59, 0x3d, + 0x42, 0x3f, 0x84, 0x4a, 0x1c, 0x51, 0x6e, 0x95, 0xb7, 0x8d, 0x9d, 0x66, 0xef, 0x5b, 0x0b, 0x76, + 0x3f, 0x8a, 0x28, 0x1f, 0x90, 0x80, 0xb8, 0x3c, 0xa2, 0xb6, 0x04, 0x75, 0xfe, 0x05, 0xd0, 0xc8, + 0x9c, 0x88, 0xf6, 0xc1, 0x9c, 0x60, 0xee, 0x8e, 0xe5, 0x55, 0x35, 0x7b, 0x1f, 0x15, 0x78, 0xfe, + 0x85, 0x90, 0xb5, 0xc9, 0xcf, 0x13, 0xc2, 0xb8, 0xad, 0x90, 0xe8, 0x09, 0x98, 0x54, 0xe8, 0x92, + 0x97, 0xda, 0xec, 0xed, 0x2e, 0x73, 0x79, 0xb9, 0x93, 0xdb, 0x0a, 0x8d, 0x0e, 0xa1, 0x4e, 0x89, + 0xe7, 0x53, 0xe2, 0x2e, 0x73, 0x30, 0xa9, 0x49, 0x8b, 0xdb, 0x19, 0x10, 0x7d, 0x01, 0x35, 0x4a, + 0xce, 0xa8, 0xcf, 0x89, 0x55, 0x91, 0x3a, 0x3e, 0x2c, 0xd4, 0x21, 0xa5, 0xed, 0x14, 0x86, 0x3e, + 0x82, 0xcd, 0x33, 0x32, 0x64, 0x91, 0xfb, 0x8a, 0x70, 0x27, 0x89, 0x47, 0x14, 0x7b, 0xc4, 0x32, + 0xb7, 0x8d, 0x9d, 0xba, 0xbd, 0x91, 0x2d, 0xfc, 0x44, 0xcd, 0xa3, 0x07, 0x50, 0xe3, 0xfe, 0x84, + 0x44, 0x09, 0x97, 0x2f, 0xa1, 0xd9, 0xbb, 0xdb, 0x55, 0x01, 0xd5, 0x4d, 0x03, 0xaa, 0xfb, 0x58, + 0x07, 0x9c, 0x9d, 0x4a, 0xa2, 0x47, 0xc2, 0x46, 0x4e, 0x7d, 0xc2, 0xac, 0x9a, 0x04, 0x15, 0x3e, + 0x77, 0xc2, 0xe9, 0xd4, 0x4e, 0x41, 0xe8, 0x10, 0xcc, 0x13, 0x9c, 0x04, 0xdc, 0xaa, 0x4b, 0xf4, + 0xc7, 0x05, 0xe8, 0xa7, 0x42, 0xf6, 0x59, 0xf8, 0x33, 0xe2, 0x2a, 0x6f, 0x4b, 0x2c, 0x7a, 0x04, + 0xd5, 0x89, 0x4f, 0x69, 0x44, 0xad, 0x46, 0xa1, 0x9f, 0xf2, 0x97, 0xa5, 0x51, 0xe8, 0x29, 0x34, + 0xdd, 0x88, 0x32, 0x27, 0x8e, 0x02, 0xdf, 0x9d, 0x5a, 0x20, 0x95, 0x7c, 0xb0, 0x30, 0x0e, 0x28, + 0x3b, 0x92, 0xc2, 0x36, 0xb8, 0xd9, 0x6f, 0x34, 0x84, 0x75, 0x91, 0x70, 0x42, 0xcf, 0x19, 0x13, + 0xec, 0x11, 0xca, 0xac, 0xa6, 0x7c, 0x45, 0x3f, 0x58, 0xe6, 0x15, 0x75, 0xf7, 0x25, 0xb4, 0xaf, + 0x90, 0x4f, 0x42, 0x4e, 0xa7, 0x07, 0x25, 0xcb, 0xb0, 0xd7, 0x70, 0x7e, 0x1e, 0x7d, 0x0a, 0xef, + 0x52, 0x32, 0x89, 0x4e, 0x89, 0x43, 0x09, 0x8b, 0xa3, 0x90, 0x91, 0x6c, 0xb3, 0x96, 0xc8, 0x43, + 0x12, 0xf3, 0x8e, 0x12, 0xb1, 0xb5, 0x44, 0x8a, 0xfd, 0x05, 0xbc, 0xab, 0xed, 0x9b, 0xc3, 0xae, + 0x49, 0x43, 0x3f, 0x5f, 0xc1, 0xd0, 0x4b, 0xca, 0x67, 0x06, 0xbf, 0x83, 0xaf, 0x5a, 0x47, 0x7b, + 0x70, 0x27, 0x33, 0x5c, 0x86, 0x5c, 0xb6, 0xf7, 0x7a, 0x66, 0xf7, 0x56, 0x6a, 0xb7, 0x14, 0x48, + 0x91, 0xe7, 0x70, 0x27, 0x33, 0xfb, 0x22, 0xf2, 0xb6, 0xb4, 0xfa, 0xd1, 0x4a, 0x56, 0xe7, 0x55, + 0xcf, 0x8c, 0xde, 0xc2, 0x57, 0x2c, 0xa3, 0x87, 0x50, 0x4b, 0xb7, 0xda, 0x90, 0x8f, 0xa2, 0xb3, + 0x68, 0x2b, 0x25, 0x69, 0xa7, 0x90, 0xf6, 0x17, 0x80, 0xe6, 0xef, 0x14, 0x6d, 0x40, 0xf9, 0x15, + 0x99, 0xea, 0xd4, 0x28, 0x7e, 0x8a, 0x0a, 0x73, 0x8a, 0x83, 0x84, 0xe8, 0xc4, 0xa8, 0x06, 0x9f, + 0x96, 0xf6, 0x8c, 0x76, 0x1f, 0xda, 0xd7, 0x3b, 0x7b, 0x25, 0x4d, 0x5f, 0xc2, 0xdd, 0x6b, 0x1d, + 0xb0, 0x8a, 0xa2, 0xce, 0x3f, 0xcb, 0x50, 0x4b, 0xdd, 0xf3, 0x42, 0x04, 0xbf, 0x54, 0x27, 0xb1, + 0xcd, 0xde, 0x83, 0x62, 0xf7, 0xe8, 0xbf, 0x2f, 0x63, 0xa2, 0x52, 0x09, 0xb3, 0x53, 0x1d, 0xe8, + 0xa5, 0x48, 0x9a, 0xea, 0x9c, 0x72, 0xdf, 0x1b, 0xea, 0xcb, 0x94, 0xb4, 0xff, 0x5c, 0x82, 0x8d, + 0xcb, 0xcb, 0xe8, 0xc7, 0x50, 0x16, 0x45, 0x48, 0x95, 0x88, 0x87, 0x37, 0xd8, 0xa0, 0x3b, 0x20, + 0x5c, 0xfa, 0xcd, 0x16, 0x8a, 0x84, 0x3e, 0xec, 0x79, 0xba, 0x5e, 0xdc, 0x48, 0xdf, 0xbe, 0xe7, + 0x69, 0x7d, 0xd8, 0xf3, 0x44, 0x9d, 0x54, 0x51, 0x20, 0xf9, 0x43, 0xc3, 0xd6, 0xa3, 0xf6, 0x27, + 0x50, 0x4f, 0x37, 0x5e, 0xe9, 0xe6, 0x3f, 0x81, 0x7a, 0xba, 0xc1, 0x4a, 0x17, 0xfd, 0x3b, 0x03, + 0xea, 0x29, 0x5f, 0x10, 0x69, 0x3a, 0x5f, 0x59, 0x3f, 0x5e, 0xcc, 0x31, 0x64, 0x61, 0xdd, 0xe7, + 0x9c, 0xfa, 0xc3, 0x84, 0x13, 0x96, 0xd6, 0xd6, 0xfd, 0x8b, 0xb5, 0x75, 0x51, 0x79, 0xbe, 0xa6, + 0xae, 0x76, 0x7e, 0x2b, 0x8c, 0xd2, 0xdc, 0x07, 0x1d, 0x5c, 0x34, 0xea, 0x3b, 0x0b, 0xf4, 0x3d, + 0xff, 0xde, 0x7f, 0xcf, 0xa6, 0x3f, 0x9a, 0xb0, 0x71, 0x99, 0x4e, 0xa0, 0x3d, 0x28, 0x27, 0xd4, + 0xd7, 0x61, 0xb1, 0xa8, 0x1e, 0x0d, 0x38, 0xf5, 0xc3, 0x91, 0xc2, 0x0a, 0x88, 0x28, 0x66, 0xcc, + 0x1d, 0x93, 0x49, 0x1a, 0x03, 0xcb, 0x82, 0x35, 0x4a, 0x16, 0x43, 0xc2, 0xc7, 0x91, 0xa7, 0x89, + 0xc7, 0xd2, 0x78, 0x85, 0x42, 0x8f, 0xa1, 0x81, 0x13, 0x3e, 0x8e, 0xa8, 0xcf, 0xa7, 0x4b, 0xf0, + 0x8e, 0xbc, 0x8a, 0x19, 0x10, 0xd9, 0xb3, 0xcc, 0xa9, 0x68, 0xe9, 0xde, 0x0a, 0x64, 0xac, 0x9b, + 0xcf, 0x4e, 0x59, 0x3e, 0x15, 0xac, 0x52, 0x32, 0x45, 0xc1, 0x4e, 0xd6, 0x14, 0x01, 0x44, 0x43, + 0x58, 0x63, 0x51, 0x42, 0x5d, 0xe2, 0x04, 0x78, 0x48, 0x02, 0xc1, 0x42, 0xc4, 0x6e, 0x9f, 0xad, + 0xb2, 0xdb, 0x40, 0x2a, 0x78, 0x2e, 0xf1, 0x6a, 0xcb, 0x16, 0xcb, 0x4d, 0x5d, 0xe0, 0xfa, 0xf5, + 0x8b, 0x5c, 0xbf, 0x3d, 0x84, 0x56, 0x41, 0x2a, 0x7d, 0x98, 0x8f, 0xb0, 0xe5, 0x7d, 0x99, 0x8b, + 0xe0, 0xcf, 0x61, 0x73, 0xce, 0xc4, 0x95, 0x42, 0xf9, 0x6f, 0x26, 0x6c, 0x5d, 0xc5, 0x56, 0x51, + 0x1f, 0x9a, 0xde, 0x6c, 0xb8, 0xc4, 0x6b, 0xcd, 0x3f, 0xff, 0x3c, 0x54, 0x64, 0xad, 0x33, 0xe2, + 0x8f, 0xc6, 0x8a, 0xdd, 0x9b, 0xb6, 0x1e, 0x2d, 0xa2, 0x2b, 0xe5, 0x22, 0xba, 0xf2, 0x1b, 0xe3, + 0x7a, 0xbe, 0xa2, 0x3e, 0x91, 0x7e, 0xb4, 0x22, 0x3d, 0x7f, 0xeb, 0xd4, 0xc5, 0x2c, 0xa0, 0x2e, + 0xbf, 0x34, 0xae, 0xe5, 0x2e, 0x55, 0x79, 0x82, 0x67, 0x37, 0x3d, 0xc1, 0x0d, 0x69, 0x4c, 0x6d, + 0x75, 0x1a, 0xf3, 0x7f, 0x48, 0x42, 0x38, 0x6c, 0xfc, 0xef, 0xdf, 0x72, 0xe7, 0x2f, 0x25, 0xd8, + 0x9c, 0x2b, 0x24, 0x68, 0x17, 0xbe, 0x96, 0x03, 0x3b, 0x2c, 0x19, 0x86, 0x24, 0xeb, 0x16, 0xa0, + 0xdc, 0xd2, 0x40, 0xad, 0x64, 0x69, 0xac, 0x94, 0x4b, 0x63, 0xef, 0x67, 0x69, 0x4c, 0xe1, 0x65, + 0xee, 0x6e, 0xa4, 0x79, 0x48, 0x21, 0x91, 0x7b, 0x39, 0xd7, 0x55, 0x0a, 0xe9, 0xef, 0x9c, 0xb9, + 0x2b, 0x25, 0x3b, 0xf3, 0x52, 0xb2, 0xfb, 0x8f, 0x13, 0xd1, 0x3f, 0x4a, 0x80, 0xe6, 0xf9, 0x01, + 0xfa, 0x3a, 0x34, 0x58, 0xe8, 0x3b, 0xf9, 0x36, 0x4b, 0x9d, 0x85, 0x7e, 0x5f, 0x76, 0x5a, 0xae, + 0xf1, 0x6f, 0xa9, 0xd0, 0xbf, 0xe5, 0x45, 0xfe, 0xad, 0x5c, 0xe1, 0x5f, 0xef, 0xb2, 0x7f, 0xcd, + 0xc2, 0x8f, 0xa2, 0xf9, 0xc3, 0xac, 0xe4, 0xe0, 0xea, 0xdb, 0x76, 0xf0, 0x23, 0x68, 0xe5, 0x9b, + 0x09, 0x02, 0x9b, 0xd2, 0x90, 0x86, 0xa2, 0x17, 0xef, 0xe5, 0xcb, 0xbb, 0xc2, 0xcf, 0x26, 0x3a, + 0x9f, 0x41, 0x33, 0xd7, 0x48, 0x58, 0x19, 0x4e, 0xa0, 0x99, 0xab, 0x61, 0xe8, 0x0e, 0x98, 0xe4, + 0x1c, 0xbb, 0xba, 0x0f, 0xd4, 0xbf, 0x65, 0xab, 0x21, 0xb2, 0xa0, 0x1a, 0x53, 0x72, 0xe2, 0x9f, + 0x2b, 0x0d, 0xfd, 0x5b, 0xb6, 0x1e, 0x0b, 0x04, 0x25, 0x23, 0x72, 0xae, 0xde, 0xbf, 0x40, 0xc8, + 0xe1, 0x41, 0x0b, 0x40, 0xf2, 0x35, 0x87, 0x4f, 0x63, 0xd2, 0xf9, 0xb5, 0xa1, 0xbb, 0x3e, 0x44, + 0xf8, 0xa7, 0x0d, 0x75, 0xcc, 0x39, 0x99, 0xc4, 0xf2, 0xf1, 0x88, 0x80, 0xcd, 0xc6, 0x68, 0x1f, + 0x6e, 0xc7, 0x84, 0x3a, 0x9c, 0x4e, 0x9d, 0xb4, 0xb7, 0x51, 0x2a, 0xea, 0x6d, 0xac, 0xc5, 0x84, + 0x1e, 0xd3, 0xe9, 0xb1, 0xee, 0x70, 0xdc, 0x15, 0x5f, 0x25, 0x42, 0x41, 0x14, 0xea, 0xa8, 0x94, + 0xcd, 0x8b, 0xe9, 0xcb, 0xb0, 0xf3, 0x87, 0x12, 0xc0, 0xac, 0x15, 0x80, 0xee, 0x43, 0x0b, 0x07, + 0x41, 0x74, 0xe6, 0x44, 0xd4, 0x1f, 0xf9, 0xa1, 0x7e, 0xc9, 0x4d, 0x39, 0xf7, 0x52, 0x4e, 0x89, + 0x77, 0xa8, 0x44, 0x14, 0xd9, 0x4a, 0x9f, 0xb1, 0xc2, 0xbd, 0x50, 0x73, 0x33, 0xa1, 0x0b, 0x95, + 0x52, 0x0b, 0xa5, 0x39, 0xfd, 0x03, 0x58, 0x27, 0xe7, 0x71, 0x74, 0xa9, 0x24, 0x36, 0xec, 0x35, + 0x35, 0x9b, 0x8a, 0xf5, 0xa0, 0x36, 0xc1, 0xe7, 0x0e, 0x1e, 0xa9, 0xbe, 0xcf, 0xc2, 0x83, 0x57, + 0x27, 0xf8, 0x7c, 0x7f, 0x44, 0xd0, 0x97, 0xb0, 0xa9, 0xf6, 0x77, 0x29, 0xf1, 0x48, 0xc8, 0x7d, + 0x1c, 0x30, 0xdd, 0x12, 0x6a, 0xcf, 0xa1, 0x0f, 0xa2, 0x28, 0xf8, 0x4a, 0xbc, 0x3f, 0x7b, 0x43, + 0x82, 0x0e, 0x67, 0x98, 0xce, 0xef, 0x4d, 0x40, 0xf3, 0x5d, 0x1b, 0xf4, 0x0c, 0x4c, 0x8f, 0x04, + 0x78, 0xba, 0xcc, 0x47, 0xe3, 0x1c, 0xba, 0xfb, 0x58, 0x40, 0x6d, 0xa5, 0x41, 0xa8, 0xc2, 0xc3, + 0x34, 0x99, 0xae, 0xac, 0x6a, 0x5f, 0x40, 0x6d, 0xa5, 0xa1, 0xfd, 0xab, 0x12, 0x98, 0x52, 0x37, + 0x7a, 0x0f, 0x6a, 0x31, 0xa1, 0x2e, 0x09, 0xd5, 0xc3, 0x35, 0x65, 0x65, 0x4d, 0xa7, 0xd0, 0x43, + 0x68, 0x9e, 0xf8, 0xe7, 0xc4, 0x73, 0xd4, 0x19, 0x8a, 0x9e, 0x53, 0xff, 0x96, 0x0d, 0x52, 0x5e, + 0xe9, 0xee, 0xc3, 0xa6, 0xb8, 0xa0, 0x50, 0xb9, 0x48, 0xeb, 0x28, 0x17, 0xeb, 0xd8, 0xc8, 0xa1, + 0x94, 0xa6, 0x03, 0x00, 0x6d, 0xd2, 0xec, 0x72, 0x17, 0xd5, 0xf5, 0x23, 0x25, 0x6c, 0xe7, 0x50, + 0x07, 0x9b, 0x70, 0x7b, 0xcc, 0x79, 0xac, 0xcc, 0x90, 0xb1, 0xd5, 0x7e, 0x6d, 0x80, 0x29, 0xfd, + 0x52, 0xe0, 0x86, 0xfb, 0xd0, 0x94, 0x50, 0xc6, 0x31, 0x4f, 0x98, 0xaa, 0x94, 0xe2, 0xac, 0x62, + 0x72, 0x20, 0xe7, 0x84, 0xc8, 0x88, 0xc6, 0x6e, 0x2a, 0x92, 0x86, 0x34, 0x88, 0xc9, 0x99, 0x88, + 0x00, 0xf4, 0x1c, 0x22, 0xdb, 0x77, 0x95, 0x54, 0x44, 0x4e, 0x3e, 0x91, 0xcd, 0xb9, 0xb7, 0x71, + 0xce, 0x16, 0x80, 0xdc, 0x40, 0xa5, 0x8f, 0xa7, 0xd0, 0xca, 0xb7, 0x92, 0x45, 0x3a, 0x0a, 0x93, + 0xc9, 0x90, 0x50, 0x79, 0xce, 0x35, 0x91, 0x8e, 0xd4, 0x18, 0x6d, 0x41, 0x25, 0xc4, 0xfa, 0x4b, + 0x4c, 0xd8, 0x25, 0x47, 0x07, 0x55, 0x55, 0x60, 0x3a, 0xdf, 0x80, 0x9a, 0xde, 0x6c, 0x96, 0x91, + 0x85, 0x06, 0x43, 0x67, 0xe4, 0x83, 0xee, 0x5f, 0xdf, 0xdc, 0x33, 0xfe, 0xfe, 0xe6, 0x9e, 0xf1, + 0xfa, 0xcd, 0x3d, 0xe3, 0xa7, 0xdb, 0xca, 0x66, 0x3f, 0xda, 0xc5, 0xb1, 0xbf, 0x7b, 0xc5, 0xff, + 0x22, 0x86, 0x55, 0x79, 0xf3, 0x0f, 0xfe, 0x1d, 0x00, 0x00, 0xff, 0xff, 0x2f, 0xaf, 0xea, 0xb9, + 0x2f, 0x19, 0x00, 0x00, } diff --git a/networking/v1alpha3/virtual_service.proto b/networking/v1alpha3/virtual_service.proto index 985c29f168..717c590df2 100644 --- a/networking/v1alpha3/virtual_service.proto +++ b/networking/v1alpha3/virtual_service.proto @@ -16,7 +16,7 @@ syntax = "proto3"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; -import "networking/v1alpha3/service_dependency.proto"; +import "networking/v1alpha3/sidecar.proto"; // $title: Traffic Routing // $description: Configuration affecting traffic routing. diff --git a/proto.lock b/proto.lock index b9415c777f..0720d7b45d 100644 --- a/proto.lock +++ b/proto.lock @@ -690,19 +690,6 @@ "integer": 2 } ] - }, - { - "name": "DefaultServiceDependency.Mode", - "enum_fields": [ - { - "name": "ALL_NAMESPACES", - "integer": 0 - }, - { - "name": "SAME_NAMESPACE", - "integer": 1 - } - ] } ], "messages": [ @@ -844,16 +831,12 @@ "id": 26, "name": "trust_domain", "type": "string" - }, - { - "id": 29, - "name": "default_service_dependency", - "type": "DefaultServiceDependency" } ], "reserved_ids": [ 15, - 18 + 18, + 29 ], "messages": [ { @@ -865,22 +848,6 @@ "type": "Mode" } ] - }, - { - "name": "DefaultServiceDependency", - "fields": [ - { - "id": 1, - "name": "import_mode", - "type": "Mode" - }, - { - "id": 2, - "name": "import_namespaces", - "type": "string", - "is_repeated": true - } - ] } ] }, @@ -3154,77 +3121,6 @@ ] } }, - { - "protopath": "networking:/:v1alpha3:/:service_dependency.proto", - "def": { - "enums": [ - { - "name": "ConfigScope", - "enum_fields": [ - { - "name": "PUBLIC", - "integer": 0 - }, - { - "name": "PRIVATE", - "integer": 1 - } - ] - } - ], - "messages": [ - { - "name": "ServiceDependency", - "fields": [ - { - "id": 1, - "name": "dependencies", - "type": "Dependency", - "is_repeated": true - } - ], - "messages": [ - { - "name": "Import", - "fields": [ - { - "id": 1, - "name": "namespace", - "type": "string" - }, - { - "id": 2, - "name": "host", - "type": "string" - } - ] - }, - { - "name": "Dependency", - "fields": [ - { - "id": 2, - "name": "imports", - "type": "Import", - "is_repeated": true - } - ], - "maps": [ - { - "key_type": "string", - "field": { - "id": 1, - "name": "source_workload_labels", - "type": "string" - } - } - ] - } - ] - } - ] - } - }, { "protopath": "networking:/:v1alpha3:/:service_entry.proto", "def": { @@ -3353,6 +3249,77 @@ ] } }, + { + "protopath": "networking:/:v1alpha3:/:sidecar.proto", + "def": { + "enums": [ + { + "name": "ConfigScope", + "enum_fields": [ + { + "name": "PUBLIC", + "integer": 0 + }, + { + "name": "PRIVATE", + "integer": 1 + } + ] + } + ], + "messages": [ + { + "name": "ServiceDependency", + "fields": [ + { + "id": 1, + "name": "dependencies", + "type": "Dependency", + "is_repeated": true + } + ], + "messages": [ + { + "name": "Import", + "fields": [ + { + "id": 1, + "name": "namespace", + "type": "string" + }, + { + "id": 2, + "name": "host", + "type": "string" + } + ] + }, + { + "name": "Dependency", + "fields": [ + { + "id": 2, + "name": "imports", + "type": "Import", + "is_repeated": true + } + ], + "maps": [ + { + "key_type": "string", + "field": { + "id": 1, + "name": "source_workload_labels", + "type": "string" + } + } + ] + } + ] + } + ] + } + }, { "protopath": "networking:/:v1alpha3:/:virtual_service.proto", "def": { diff --git a/python/istio_api/mesh/v1alpha1/config_pb2.py b/python/istio_api/mesh/v1alpha1/config_pb2.py index 45d2e7a478..f5bb87ad8b 100644 --- a/python/istio_api/mesh/v1alpha1/config_pb2.py +++ b/python/istio_api/mesh/v1alpha1/config_pb2.py @@ -22,7 +22,7 @@ name='mesh/v1alpha1/config.proto', package='istio.mesh.v1alpha1', syntax='proto3', - serialized_pb=_b('\n\x1amesh/v1alpha1/config.proto\x12\x13istio.mesh.v1alpha1\x1a\x1egoogle/protobuf/duration.proto\x1a\x19mesh/v1alpha1/proxy.proto\x1a*networking/v1alpha3/destination_rule.proto\"\x93\x0e\n\nMeshConfig\x12\x1a\n\x12mixer_check_server\x18\x01 \x01(\t\x12\x1b\n\x13mixer_report_server\x18\x02 \x01(\t\x12\x1d\n\x15\x64isable_policy_checks\x18\x03 \x01(\x08\x12\x1e\n\x16policy_check_fail_open\x18\x19 \x01(\x08\x12\x19\n\x11proxy_listen_port\x18\x04 \x01(\x05\x12\x17\n\x0fproxy_http_port\x18\x05 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x06 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x61\n\rtcp_keepalive\x18\x1c \x01(\x0b\x32J.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive\x12\x15\n\ringress_class\x18\x07 \x01(\t\x12\x17\n\x0fingress_service\x18\x08 \x01(\t\x12V\n\x17ingress_controller_mode\x18\t \x01(\x0e\x32\x35.istio.mesh.v1alpha1.MeshConfig.IngressControllerMode\x12\x43\n\x0b\x61uth_policy\x18\n \x01(\x0e\x32*.istio.mesh.v1alpha1.MeshConfig.AuthPolicyB\x02\x18\x01\x12\x38\n\x11rds_refresh_delay\x18\x0b \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x16\n\x0e\x65nable_tracing\x18\x0c \x01(\x08\x12\x17\n\x0f\x61\x63\x63\x65ss_log_file\x18\r \x01(\t\x12\x19\n\x11\x61\x63\x63\x65ss_log_format\x18\x18 \x01(\t\x12N\n\x13\x61\x63\x63\x65ss_log_encoding\x18\x1b \x01(\x0e\x32\x31.istio.mesh.v1alpha1.MeshConfig.AccessLogEncoding\x12\x38\n\x0e\x64\x65\x66\x61ult_config\x18\x0e \x01(\x0b\x32 .istio.mesh.v1alpha1.ProxyConfig\x12\x19\n\rmixer_address\x18\x10 \x01(\tB\x02\x18\x01\x12Z\n\x17outbound_traffic_policy\x18\x11 \x01(\x0b\x32\x35.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicyB\x02\x18\x01\x12\'\n\x1f\x65nable_client_side_policy_check\x18\x13 \x01(\x08\x12\x14\n\x0csds_uds_path\x18\x14 \x01(\t\x12\x38\n\x11sds_refresh_delay\x18\x15 \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x39\n\x0e\x63onfig_sources\x18\x16 \x03(\x0b\x32!.istio.mesh.v1alpha1.ConfigSource\x12\x1e\n\x16\x65nable_sds_token_mount\x18\x17 \x01(\x08\x12\x1a\n\x12sds_use_k8s_sa_jwt\x18\x1e \x01(\x08\x12\x14\n\x0ctrust_domain\x18\x1a \x01(\t\x12\\\n\x1a\x64\x65\x66\x61ult_service_dependency\x18\x1d \x01(\x0b\x32\x38.istio.mesh.v1alpha1.MeshConfig.DefaultServiceDependency\x1a\xb5\x01\n\x15OutboundTrafficPolicy\x12L\n\x04mode\x18\x01 \x01(\x0e\x32:.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy.ModeB\x02\x18\x01\"N\n\x04Mode\x12\x15\n\rREGISTRY_ONLY\x10\x00\x1a\x02\x08\x01\x12\x11\n\tALLOW_ANY\x10\x01\x1a\x02\x08\x01\x12\x1c\n\x14VIRTUAL_SERVICE_ONLY\x10\x02\x1a\x02\x08\x01\x1a\xb9\x01\n\x18\x44\x65\x66\x61ultServiceDependency\x12R\n\x0bimport_mode\x18\x01 \x01(\x0e\x32=.istio.mesh.v1alpha1.MeshConfig.DefaultServiceDependency.Mode\x12\x19\n\x11import_namespaces\x18\x02 \x03(\t\".\n\x04Mode\x12\x12\n\x0e\x41LL_NAMESPACES\x10\x00\x12\x12\n\x0eSAME_NAMESPACE\x10\x01\"9\n\x15IngressControllerMode\x12\x07\n\x03OFF\x10\x00\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x01\x12\n\n\x06STRICT\x10\x02\"&\n\nAuthPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01\"\'\n\x11\x41\x63\x63\x65ssLogEncoding\x12\x08\n\x04TEXT\x10\x00\x12\x08\n\x04JSON\x10\x01J\x04\x08\x0f\x10\x10J\x04\x08\x12\x10\x13\"]\n\x0c\x43onfigSource\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12<\n\x0ctls_settings\x18\x02 \x01(\x0b\x32&.istio.networking.v1alpha3.TLSSettingsB\x1cZ\x1aistio.io/api/mesh/v1alpha1b\x06proto3') + serialized_pb=_b('\n\x1amesh/v1alpha1/config.proto\x12\x13istio.mesh.v1alpha1\x1a\x1egoogle/protobuf/duration.proto\x1a\x19mesh/v1alpha1/proxy.proto\x1a*networking/v1alpha3/destination_rule.proto\"\xff\x0b\n\nMeshConfig\x12\x1a\n\x12mixer_check_server\x18\x01 \x01(\t\x12\x1b\n\x13mixer_report_server\x18\x02 \x01(\t\x12\x1d\n\x15\x64isable_policy_checks\x18\x03 \x01(\x08\x12\x1e\n\x16policy_check_fail_open\x18\x19 \x01(\x08\x12\x19\n\x11proxy_listen_port\x18\x04 \x01(\x05\x12\x17\n\x0fproxy_http_port\x18\x05 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x06 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x61\n\rtcp_keepalive\x18\x1c \x01(\x0b\x32J.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive\x12\x15\n\ringress_class\x18\x07 \x01(\t\x12\x17\n\x0fingress_service\x18\x08 \x01(\t\x12V\n\x17ingress_controller_mode\x18\t \x01(\x0e\x32\x35.istio.mesh.v1alpha1.MeshConfig.IngressControllerMode\x12\x43\n\x0b\x61uth_policy\x18\n \x01(\x0e\x32*.istio.mesh.v1alpha1.MeshConfig.AuthPolicyB\x02\x18\x01\x12\x38\n\x11rds_refresh_delay\x18\x0b \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x16\n\x0e\x65nable_tracing\x18\x0c \x01(\x08\x12\x17\n\x0f\x61\x63\x63\x65ss_log_file\x18\r \x01(\t\x12\x19\n\x11\x61\x63\x63\x65ss_log_format\x18\x18 \x01(\t\x12N\n\x13\x61\x63\x63\x65ss_log_encoding\x18\x1b \x01(\x0e\x32\x31.istio.mesh.v1alpha1.MeshConfig.AccessLogEncoding\x12\x38\n\x0e\x64\x65\x66\x61ult_config\x18\x0e \x01(\x0b\x32 .istio.mesh.v1alpha1.ProxyConfig\x12\x19\n\rmixer_address\x18\x10 \x01(\tB\x02\x18\x01\x12Z\n\x17outbound_traffic_policy\x18\x11 \x01(\x0b\x32\x35.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicyB\x02\x18\x01\x12\'\n\x1f\x65nable_client_side_policy_check\x18\x13 \x01(\x08\x12\x14\n\x0csds_uds_path\x18\x14 \x01(\t\x12\x38\n\x11sds_refresh_delay\x18\x15 \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x39\n\x0e\x63onfig_sources\x18\x16 \x03(\x0b\x32!.istio.mesh.v1alpha1.ConfigSource\x12\x1e\n\x16\x65nable_sds_token_mount\x18\x17 \x01(\x08\x12\x1a\n\x12sds_use_k8s_sa_jwt\x18\x1e \x01(\x08\x12\x14\n\x0ctrust_domain\x18\x1a \x01(\t\x1a\xb5\x01\n\x15OutboundTrafficPolicy\x12L\n\x04mode\x18\x01 \x01(\x0e\x32:.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy.ModeB\x02\x18\x01\"N\n\x04Mode\x12\x15\n\rREGISTRY_ONLY\x10\x00\x1a\x02\x08\x01\x12\x11\n\tALLOW_ANY\x10\x01\x1a\x02\x08\x01\x12\x1c\n\x14VIRTUAL_SERVICE_ONLY\x10\x02\x1a\x02\x08\x01\"9\n\x15IngressControllerMode\x12\x07\n\x03OFF\x10\x00\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x01\x12\n\n\x06STRICT\x10\x02\"&\n\nAuthPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01\"\'\n\x11\x41\x63\x63\x65ssLogEncoding\x12\x08\n\x04TEXT\x10\x00\x12\x08\n\x04JSON\x10\x01J\x04\x08\x0f\x10\x10J\x04\x08\x12\x10\x13J\x04\x08\x1d\x10\x1e\"]\n\x0c\x43onfigSource\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12<\n\x0ctls_settings\x18\x02 \x01(\x0b\x32&.istio.networking.v1alpha3.TLSSettingsB\x1cZ\x1aistio.io/api/mesh/v1alpha1b\x06proto3') , dependencies=[google_dot_protobuf_dot_duration__pb2.DESCRIPTOR,mesh_dot_v1alpha1_dot_proxy__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_destination__rule__pb2.DESCRIPTOR,]) @@ -49,33 +49,11 @@ ], containing_type=None, options=None, - serialized_start=1548, - serialized_end=1626, + serialized_start=1454, + serialized_end=1532, ) _sym_db.RegisterEnumDescriptor(_MESHCONFIG_OUTBOUNDTRAFFICPOLICY_MODE) -_MESHCONFIG_DEFAULTSERVICEDEPENDENCY_MODE = _descriptor.EnumDescriptor( - name='Mode', - full_name='istio.mesh.v1alpha1.MeshConfig.DefaultServiceDependency.Mode', - filename=None, - file=DESCRIPTOR, - values=[ - _descriptor.EnumValueDescriptor( - name='ALL_NAMESPACES', index=0, number=0, - options=None, - type=None), - _descriptor.EnumValueDescriptor( - name='SAME_NAMESPACE', index=1, number=1, - options=None, - type=None), - ], - containing_type=None, - options=None, - serialized_start=1768, - serialized_end=1814, -) -_sym_db.RegisterEnumDescriptor(_MESHCONFIG_DEFAULTSERVICEDEPENDENCY_MODE) - _MESHCONFIG_INGRESSCONTROLLERMODE = _descriptor.EnumDescriptor( name='IngressControllerMode', full_name='istio.mesh.v1alpha1.MeshConfig.IngressControllerMode', @@ -97,8 +75,8 @@ ], containing_type=None, options=None, - serialized_start=1816, - serialized_end=1873, + serialized_start=1534, + serialized_end=1591, ) _sym_db.RegisterEnumDescriptor(_MESHCONFIG_INGRESSCONTROLLERMODE) @@ -119,8 +97,8 @@ ], containing_type=None, options=None, - serialized_start=1875, - serialized_end=1913, + serialized_start=1593, + serialized_end=1631, ) _sym_db.RegisterEnumDescriptor(_MESHCONFIG_AUTHPOLICY) @@ -141,8 +119,8 @@ ], containing_type=None, options=None, - serialized_start=1915, - serialized_end=1954, + serialized_start=1633, + serialized_end=1672, ) _sym_db.RegisterEnumDescriptor(_MESHCONFIG_ACCESSLOGENCODING) @@ -174,46 +152,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1445, - serialized_end=1626, -) - -_MESHCONFIG_DEFAULTSERVICEDEPENDENCY = _descriptor.Descriptor( - name='DefaultServiceDependency', - full_name='istio.mesh.v1alpha1.MeshConfig.DefaultServiceDependency', - filename=None, - file=DESCRIPTOR, - containing_type=None, - fields=[ - _descriptor.FieldDescriptor( - name='import_mode', full_name='istio.mesh.v1alpha1.MeshConfig.DefaultServiceDependency.import_mode', index=0, - number=1, type=14, cpp_type=8, label=1, - has_default_value=False, default_value=0, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - options=None, file=DESCRIPTOR), - _descriptor.FieldDescriptor( - name='import_namespaces', full_name='istio.mesh.v1alpha1.MeshConfig.DefaultServiceDependency.import_namespaces', index=1, - number=2, type=9, cpp_type=9, label=3, - has_default_value=False, default_value=[], - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - options=None, file=DESCRIPTOR), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - _MESHCONFIG_DEFAULTSERVICEDEPENDENCY_MODE, - ], - options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=1629, - serialized_end=1814, + serialized_start=1351, + serialized_end=1532, ) _MESHCONFIG = _descriptor.Descriptor( @@ -412,17 +352,10 @@ message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), - _descriptor.FieldDescriptor( - name='default_service_dependency', full_name='istio.mesh.v1alpha1.MeshConfig.default_service_dependency', index=27, - number=29, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - options=None, file=DESCRIPTOR), ], extensions=[ ], - nested_types=[_MESHCONFIG_OUTBOUNDTRAFFICPOLICY, _MESHCONFIG_DEFAULTSERVICEDEPENDENCY, ], + nested_types=[_MESHCONFIG_OUTBOUNDTRAFFICPOLICY, ], enum_types=[ _MESHCONFIG_INGRESSCONTROLLERMODE, _MESHCONFIG_AUTHPOLICY, @@ -435,7 +368,7 @@ oneofs=[ ], serialized_start=155, - serialized_end=1966, + serialized_end=1690, ) @@ -472,16 +405,13 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1968, - serialized_end=2061, + serialized_start=1692, + serialized_end=1785, ) _MESHCONFIG_OUTBOUNDTRAFFICPOLICY.fields_by_name['mode'].enum_type = _MESHCONFIG_OUTBOUNDTRAFFICPOLICY_MODE _MESHCONFIG_OUTBOUNDTRAFFICPOLICY.containing_type = _MESHCONFIG _MESHCONFIG_OUTBOUNDTRAFFICPOLICY_MODE.containing_type = _MESHCONFIG_OUTBOUNDTRAFFICPOLICY -_MESHCONFIG_DEFAULTSERVICEDEPENDENCY.fields_by_name['import_mode'].enum_type = _MESHCONFIG_DEFAULTSERVICEDEPENDENCY_MODE -_MESHCONFIG_DEFAULTSERVICEDEPENDENCY.containing_type = _MESHCONFIG -_MESHCONFIG_DEFAULTSERVICEDEPENDENCY_MODE.containing_type = _MESHCONFIG_DEFAULTSERVICEDEPENDENCY _MESHCONFIG.fields_by_name['connect_timeout'].message_type = google_dot_protobuf_dot_duration__pb2._DURATION _MESHCONFIG.fields_by_name['tcp_keepalive'].message_type = networking_dot_v1alpha3_dot_destination__rule__pb2._CONNECTIONPOOLSETTINGS_TCPSETTINGS_TCPKEEPALIVE _MESHCONFIG.fields_by_name['ingress_controller_mode'].enum_type = _MESHCONFIG_INGRESSCONTROLLERMODE @@ -492,7 +422,6 @@ _MESHCONFIG.fields_by_name['outbound_traffic_policy'].message_type = _MESHCONFIG_OUTBOUNDTRAFFICPOLICY _MESHCONFIG.fields_by_name['sds_refresh_delay'].message_type = google_dot_protobuf_dot_duration__pb2._DURATION _MESHCONFIG.fields_by_name['config_sources'].message_type = _CONFIGSOURCE -_MESHCONFIG.fields_by_name['default_service_dependency'].message_type = _MESHCONFIG_DEFAULTSERVICEDEPENDENCY _MESHCONFIG_INGRESSCONTROLLERMODE.containing_type = _MESHCONFIG _MESHCONFIG_AUTHPOLICY.containing_type = _MESHCONFIG _MESHCONFIG_ACCESSLOGENCODING.containing_type = _MESHCONFIG @@ -509,20 +438,12 @@ # @@protoc_insertion_point(class_scope:istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy) )) , - - DefaultServiceDependency = _reflection.GeneratedProtocolMessageType('DefaultServiceDependency', (_message.Message,), dict( - DESCRIPTOR = _MESHCONFIG_DEFAULTSERVICEDEPENDENCY, - __module__ = 'mesh.v1alpha1.config_pb2' - # @@protoc_insertion_point(class_scope:istio.mesh.v1alpha1.MeshConfig.DefaultServiceDependency) - )) - , DESCRIPTOR = _MESHCONFIG, __module__ = 'mesh.v1alpha1.config_pb2' # @@protoc_insertion_point(class_scope:istio.mesh.v1alpha1.MeshConfig) )) _sym_db.RegisterMessage(MeshConfig) _sym_db.RegisterMessage(MeshConfig.OutboundTrafficPolicy) -_sym_db.RegisterMessage(MeshConfig.DefaultServiceDependency) ConfigSource = _reflection.GeneratedProtocolMessageType('ConfigSource', (_message.Message,), dict( DESCRIPTOR = _CONFIGSOURCE, diff --git a/python/istio_api/networking/v1alpha3/destination_rule_pb2.py b/python/istio_api/networking/v1alpha3/destination_rule_pb2.py index a3bc60696a..3a54fdf1f0 100644 --- a/python/istio_api/networking/v1alpha3/destination_rule_pb2.py +++ b/python/istio_api/networking/v1alpha3/destination_rule_pb2.py @@ -15,7 +15,7 @@ from google.protobuf import duration_pb2 as google_dot_protobuf_dot_duration__pb2 from networking.v1alpha3 import virtual_service_pb2 as networking_dot_v1alpha3_dot_virtual__service__pb2 -from networking.v1alpha3 import service_dependency_pb2 as networking_dot_v1alpha3_dot_service__dependency__pb2 +from networking.v1alpha3 import sidecar_pb2 as networking_dot_v1alpha3_dot_sidecar__pb2 from gogoproto import gogo_pb2 as gogoproto_dot_gogo__pb2 @@ -23,9 +23,9 @@ name='networking/v1alpha3/destination_rule.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n*networking/v1alpha3/destination_rule.proto\x12\x19istio.networking.v1alpha3\x1a\x1egoogle/protobuf/duration.proto\x1a)networking/v1alpha3/virtual_service.proto\x1a,networking/v1alpha3/service_dependency.proto\x1a\x14gogoproto/gogo.proto\"\xd3\x01\n\x0f\x44\x65stinationRule\x12\x0c\n\x04host\x18\x01 \x01(\t\x12@\n\x0etraffic_policy\x18\x02 \x01(\x0b\x32(.istio.networking.v1alpha3.TrafficPolicy\x12\x32\n\x07subsets\x18\x03 \x03(\x0b\x32!.istio.networking.v1alpha3.Subset\x12<\n\x0c\x63onfig_scope\x18\x04 \x01(\x0e\x32&.istio.networking.v1alpha3.ConfigScope\"\xd7\x05\n\rTrafficPolicy\x12\x46\n\rload_balancer\x18\x01 \x01(\x0b\x32/.istio.networking.v1alpha3.LoadBalancerSettings\x12J\n\x0f\x63onnection_pool\x18\x02 \x01(\x0b\x32\x31.istio.networking.v1alpha3.ConnectionPoolSettings\x12\x46\n\x11outlier_detection\x18\x03 \x01(\x0b\x32+.istio.networking.v1alpha3.OutlierDetection\x12\x33\n\x03tls\x18\x04 \x01(\x0b\x32&.istio.networking.v1alpha3.TLSSettings\x12W\n\x13port_level_settings\x18\x05 \x03(\x0b\x32:.istio.networking.v1alpha3.TrafficPolicy.PortTrafficPolicy\x1a\xdb\x02\n\x11PortTrafficPolicy\x12\x35\n\x04port\x18\x01 \x01(\x0b\x32\'.istio.networking.v1alpha3.PortSelector\x12\x46\n\rload_balancer\x18\x02 \x01(\x0b\x32/.istio.networking.v1alpha3.LoadBalancerSettings\x12J\n\x0f\x63onnection_pool\x18\x03 \x01(\x0b\x32\x31.istio.networking.v1alpha3.ConnectionPoolSettings\x12\x46\n\x11outlier_detection\x18\x04 \x01(\x0b\x32+.istio.networking.v1alpha3.OutlierDetection\x12\x33\n\x03tls\x18\x05 \x01(\x0b\x32&.istio.networking.v1alpha3.TLSSettings\"\xc6\x01\n\x06Subset\x12\x0c\n\x04name\x18\x01 \x01(\t\x12=\n\x06labels\x18\x02 \x03(\x0b\x32-.istio.networking.v1alpha3.Subset.LabelsEntry\x12@\n\x0etraffic_policy\x18\x03 \x01(\x0b\x32(.istio.networking.v1alpha3.TrafficPolicy\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xc3\x04\n\x14LoadBalancerSettings\x12J\n\x06simple\x18\x01 \x01(\x0e\x32\x38.istio.networking.v1alpha3.LoadBalancerSettings.SimpleLBH\x00\x12[\n\x0f\x63onsistent_hash\x18\x02 \x01(\x0b\x32@.istio.networking.v1alpha3.LoadBalancerSettings.ConsistentHashLBH\x00\x1a\xaa\x02\n\x10\x43onsistentHashLB\x12\x1a\n\x10http_header_name\x18\x01 \x01(\tH\x00\x12\x62\n\x0bhttp_cookie\x18\x02 \x01(\x0b\x32K.istio.networking.v1alpha3.LoadBalancerSettings.ConsistentHashLB.HTTPCookieH\x00\x12\x17\n\ruse_source_ip\x18\x03 \x01(\x08H\x00\x12\x19\n\x11minimum_ring_size\x18\x04 \x01(\x04\x1aV\n\nHTTPCookie\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0c\n\x04path\x18\x02 \x01(\t\x12,\n\x03ttl\x18\x03 \x01(\x0b\x32\x19.google.protobuf.DurationB\x04\x98\xdf\x1f\x01\x42\n\n\x08hash_key\"H\n\x08SimpleLB\x12\x0f\n\x0bROUND_ROBIN\x10\x00\x12\x0e\n\nLEAST_CONN\x10\x01\x12\n\n\x06RANDOM\x10\x02\x12\x0f\n\x0bPASSTHROUGH\x10\x03\x42\x0b\n\tlb_policy\"\xf3\x04\n\x16\x43onnectionPoolSettings\x12J\n\x03tcp\x18\x01 \x01(\x0b\x32=.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings\x12L\n\x04http\x18\x02 \x01(\x0b\x32>.istio.networking.v1alpha3.ConnectionPoolSettings.HTTPSettings\x1a\xb3\x02\n\x0bTCPSettings\x12\x17\n\x0fmax_connections\x18\x01 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x61\n\rtcp_keepalive\x18\x03 \x01(\x0b\x32J.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive\x1at\n\x0cTcpKeepalive\x12\x0e\n\x06probes\x18\x01 \x01(\r\x12\'\n\x04time\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12+\n\x08interval\x18\x03 \x01(\x0b\x32\x19.google.protobuf.Duration\x1a\x88\x01\n\x0cHTTPSettings\x12\"\n\x1ahttp1_max_pending_requests\x18\x01 \x01(\x05\x12\x1a\n\x12http2_max_requests\x18\x02 \x01(\x05\x12#\n\x1bmax_requests_per_connection\x18\x03 \x01(\x05\x12\x13\n\x0bmax_retries\x18\x04 \x01(\x05\"\xcc\x01\n\x10OutlierDetection\x12\x1a\n\x12\x63onsecutive_errors\x18\x01 \x01(\x05\x12+\n\x08interval\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x35\n\x12\x62\x61se_ejection_time\x18\x03 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x1c\n\x14max_ejection_percent\x18\x04 \x01(\x05\x12\x1a\n\x12min_health_percent\x18\x05 \x01(\x05\"\xff\x01\n\x0bTLSSettings\x12<\n\x04mode\x18\x01 \x01(\x0e\x32..istio.networking.v1alpha3.TLSSettings.TLSmode\x12\x1a\n\x12\x63lient_certificate\x18\x02 \x01(\t\x12\x13\n\x0bprivate_key\x18\x03 \x01(\t\x12\x17\n\x0f\x63\x61_certificates\x18\x04 \x01(\t\x12\x19\n\x11subject_alt_names\x18\x05 \x03(\t\x12\x0b\n\x03sni\x18\x06 \x01(\t\"@\n\x07TLSmode\x12\x0b\n\x07\x44ISABLE\x10\x00\x12\n\n\x06SIMPLE\x10\x01\x12\n\n\x06MUTUAL\x10\x02\x12\x10\n\x0cISTIO_MUTUAL\x10\x03\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n*networking/v1alpha3/destination_rule.proto\x12\x19istio.networking.v1alpha3\x1a\x1egoogle/protobuf/duration.proto\x1a)networking/v1alpha3/virtual_service.proto\x1a!networking/v1alpha3/sidecar.proto\x1a\x14gogoproto/gogo.proto\"\xd3\x01\n\x0f\x44\x65stinationRule\x12\x0c\n\x04host\x18\x01 \x01(\t\x12@\n\x0etraffic_policy\x18\x02 \x01(\x0b\x32(.istio.networking.v1alpha3.TrafficPolicy\x12\x32\n\x07subsets\x18\x03 \x03(\x0b\x32!.istio.networking.v1alpha3.Subset\x12<\n\x0c\x63onfig_scope\x18\x04 \x01(\x0e\x32&.istio.networking.v1alpha3.ConfigScope\"\xd7\x05\n\rTrafficPolicy\x12\x46\n\rload_balancer\x18\x01 \x01(\x0b\x32/.istio.networking.v1alpha3.LoadBalancerSettings\x12J\n\x0f\x63onnection_pool\x18\x02 \x01(\x0b\x32\x31.istio.networking.v1alpha3.ConnectionPoolSettings\x12\x46\n\x11outlier_detection\x18\x03 \x01(\x0b\x32+.istio.networking.v1alpha3.OutlierDetection\x12\x33\n\x03tls\x18\x04 \x01(\x0b\x32&.istio.networking.v1alpha3.TLSSettings\x12W\n\x13port_level_settings\x18\x05 \x03(\x0b\x32:.istio.networking.v1alpha3.TrafficPolicy.PortTrafficPolicy\x1a\xdb\x02\n\x11PortTrafficPolicy\x12\x35\n\x04port\x18\x01 \x01(\x0b\x32\'.istio.networking.v1alpha3.PortSelector\x12\x46\n\rload_balancer\x18\x02 \x01(\x0b\x32/.istio.networking.v1alpha3.LoadBalancerSettings\x12J\n\x0f\x63onnection_pool\x18\x03 \x01(\x0b\x32\x31.istio.networking.v1alpha3.ConnectionPoolSettings\x12\x46\n\x11outlier_detection\x18\x04 \x01(\x0b\x32+.istio.networking.v1alpha3.OutlierDetection\x12\x33\n\x03tls\x18\x05 \x01(\x0b\x32&.istio.networking.v1alpha3.TLSSettings\"\xc6\x01\n\x06Subset\x12\x0c\n\x04name\x18\x01 \x01(\t\x12=\n\x06labels\x18\x02 \x03(\x0b\x32-.istio.networking.v1alpha3.Subset.LabelsEntry\x12@\n\x0etraffic_policy\x18\x03 \x01(\x0b\x32(.istio.networking.v1alpha3.TrafficPolicy\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xc3\x04\n\x14LoadBalancerSettings\x12J\n\x06simple\x18\x01 \x01(\x0e\x32\x38.istio.networking.v1alpha3.LoadBalancerSettings.SimpleLBH\x00\x12[\n\x0f\x63onsistent_hash\x18\x02 \x01(\x0b\x32@.istio.networking.v1alpha3.LoadBalancerSettings.ConsistentHashLBH\x00\x1a\xaa\x02\n\x10\x43onsistentHashLB\x12\x1a\n\x10http_header_name\x18\x01 \x01(\tH\x00\x12\x62\n\x0bhttp_cookie\x18\x02 \x01(\x0b\x32K.istio.networking.v1alpha3.LoadBalancerSettings.ConsistentHashLB.HTTPCookieH\x00\x12\x17\n\ruse_source_ip\x18\x03 \x01(\x08H\x00\x12\x19\n\x11minimum_ring_size\x18\x04 \x01(\x04\x1aV\n\nHTTPCookie\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0c\n\x04path\x18\x02 \x01(\t\x12,\n\x03ttl\x18\x03 \x01(\x0b\x32\x19.google.protobuf.DurationB\x04\x98\xdf\x1f\x01\x42\n\n\x08hash_key\"H\n\x08SimpleLB\x12\x0f\n\x0bROUND_ROBIN\x10\x00\x12\x0e\n\nLEAST_CONN\x10\x01\x12\n\n\x06RANDOM\x10\x02\x12\x0f\n\x0bPASSTHROUGH\x10\x03\x42\x0b\n\tlb_policy\"\xf3\x04\n\x16\x43onnectionPoolSettings\x12J\n\x03tcp\x18\x01 \x01(\x0b\x32=.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings\x12L\n\x04http\x18\x02 \x01(\x0b\x32>.istio.networking.v1alpha3.ConnectionPoolSettings.HTTPSettings\x1a\xb3\x02\n\x0bTCPSettings\x12\x17\n\x0fmax_connections\x18\x01 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x61\n\rtcp_keepalive\x18\x03 \x01(\x0b\x32J.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive\x1at\n\x0cTcpKeepalive\x12\x0e\n\x06probes\x18\x01 \x01(\r\x12\'\n\x04time\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12+\n\x08interval\x18\x03 \x01(\x0b\x32\x19.google.protobuf.Duration\x1a\x88\x01\n\x0cHTTPSettings\x12\"\n\x1ahttp1_max_pending_requests\x18\x01 \x01(\x05\x12\x1a\n\x12http2_max_requests\x18\x02 \x01(\x05\x12#\n\x1bmax_requests_per_connection\x18\x03 \x01(\x05\x12\x13\n\x0bmax_retries\x18\x04 \x01(\x05\"\xcc\x01\n\x10OutlierDetection\x12\x1a\n\x12\x63onsecutive_errors\x18\x01 \x01(\x05\x12+\n\x08interval\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x35\n\x12\x62\x61se_ejection_time\x18\x03 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x1c\n\x14max_ejection_percent\x18\x04 \x01(\x05\x12\x1a\n\x12min_health_percent\x18\x05 \x01(\x05\"\xff\x01\n\x0bTLSSettings\x12<\n\x04mode\x18\x01 \x01(\x0e\x32..istio.networking.v1alpha3.TLSSettings.TLSmode\x12\x1a\n\x12\x63lient_certificate\x18\x02 \x01(\t\x12\x13\n\x0bprivate_key\x18\x03 \x01(\t\x12\x17\n\x0f\x63\x61_certificates\x18\x04 \x01(\t\x12\x19\n\x11subject_alt_names\x18\x05 \x03(\t\x12\x0b\n\x03sni\x18\x06 \x01(\t\"@\n\x07TLSmode\x12\x0b\n\x07\x44ISABLE\x10\x00\x12\n\n\x06SIMPLE\x10\x01\x12\n\n\x06MUTUAL\x10\x02\x12\x10\n\x0cISTIO_MUTUAL\x10\x03\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') , - dependencies=[google_dot_protobuf_dot_duration__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_virtual__service__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_service__dependency__pb2.DESCRIPTOR,gogoproto_dot_gogo__pb2.DESCRIPTOR,]) + dependencies=[google_dot_protobuf_dot_duration__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_virtual__service__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_sidecar__pb2.DESCRIPTOR,gogoproto_dot_gogo__pb2.DESCRIPTOR,]) @@ -54,8 +54,8 @@ ], containing_type=None, options=None, - serialized_start=1856, - serialized_end=1928, + serialized_start=1845, + serialized_end=1917, ) _sym_db.RegisterEnumDescriptor(_LOADBALANCERSETTINGS_SIMPLELB) @@ -84,8 +84,8 @@ ], containing_type=None, options=None, - serialized_start=2972, - serialized_end=3036, + serialized_start=2961, + serialized_end=3025, ) _sym_db.RegisterEnumDescriptor(_TLSSETTINGS_TLSMODE) @@ -137,8 +137,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=217, - serialized_end=428, + serialized_start=206, + serialized_end=417, ) @@ -196,8 +196,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=811, - serialized_end=1158, + serialized_start=800, + serialized_end=1147, ) _TRAFFICPOLICY = _descriptor.Descriptor( @@ -254,8 +254,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=431, - serialized_end=1158, + serialized_start=420, + serialized_end=1147, ) @@ -292,8 +292,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1314, - serialized_end=1359, + serialized_start=1303, + serialized_end=1348, ) _SUBSET = _descriptor.Descriptor( @@ -336,8 +336,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1161, - serialized_end=1359, + serialized_start=1150, + serialized_end=1348, ) @@ -381,8 +381,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1756, - serialized_end=1842, + serialized_start=1745, + serialized_end=1831, ) _LOADBALANCERSETTINGS_CONSISTENTHASHLB = _descriptor.Descriptor( @@ -435,8 +435,8 @@ name='hash_key', full_name='istio.networking.v1alpha3.LoadBalancerSettings.ConsistentHashLB.hash_key', index=0, containing_type=None, fields=[]), ], - serialized_start=1556, - serialized_end=1854, + serialized_start=1545, + serialized_end=1843, ) _LOADBALANCERSETTINGS = _descriptor.Descriptor( @@ -476,8 +476,8 @@ name='lb_policy', full_name='istio.networking.v1alpha3.LoadBalancerSettings.lb_policy', index=0, containing_type=None, fields=[]), ], - serialized_start=1362, - serialized_end=1941, + serialized_start=1351, + serialized_end=1930, ) @@ -521,8 +521,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2316, - serialized_end=2432, + serialized_start=2305, + serialized_end=2421, ) _CONNECTIONPOOLSETTINGS_TCPSETTINGS = _descriptor.Descriptor( @@ -565,8 +565,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2125, - serialized_end=2432, + serialized_start=2114, + serialized_end=2421, ) _CONNECTIONPOOLSETTINGS_HTTPSETTINGS = _descriptor.Descriptor( @@ -616,8 +616,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2435, - serialized_end=2571, + serialized_start=2424, + serialized_end=2560, ) _CONNECTIONPOOLSETTINGS = _descriptor.Descriptor( @@ -653,8 +653,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1944, - serialized_end=2571, + serialized_start=1933, + serialized_end=2560, ) @@ -712,8 +712,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2574, - serialized_end=2778, + serialized_start=2563, + serialized_end=2767, ) @@ -779,13 +779,13 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2781, - serialized_end=3036, + serialized_start=2770, + serialized_end=3025, ) _DESTINATIONRULE.fields_by_name['traffic_policy'].message_type = _TRAFFICPOLICY _DESTINATIONRULE.fields_by_name['subsets'].message_type = _SUBSET -_DESTINATIONRULE.fields_by_name['config_scope'].enum_type = networking_dot_v1alpha3_dot_service__dependency__pb2._CONFIGSCOPE +_DESTINATIONRULE.fields_by_name['config_scope'].enum_type = networking_dot_v1alpha3_dot_sidecar__pb2._CONFIGSCOPE _TRAFFICPOLICY_PORTTRAFFICPOLICY.fields_by_name['port'].message_type = networking_dot_v1alpha3_dot_virtual__service__pb2._PORTSELECTOR _TRAFFICPOLICY_PORTTRAFFICPOLICY.fields_by_name['load_balancer'].message_type = _LOADBALANCERSETTINGS _TRAFFICPOLICY_PORTTRAFFICPOLICY.fields_by_name['connection_pool'].message_type = _CONNECTIONPOOLSETTINGS diff --git a/python/istio_api/networking/v1alpha3/service_entry_pb2.py b/python/istio_api/networking/v1alpha3/service_entry_pb2.py index c3c269209f..0375749f9a 100644 --- a/python/istio_api/networking/v1alpha3/service_entry_pb2.py +++ b/python/istio_api/networking/v1alpha3/service_entry_pb2.py @@ -14,16 +14,16 @@ from networking.v1alpha3 import gateway_pb2 as networking_dot_v1alpha3_dot_gateway__pb2 -from networking.v1alpha3 import service_dependency_pb2 as networking_dot_v1alpha3_dot_service__dependency__pb2 +from networking.v1alpha3 import sidecar_pb2 as networking_dot_v1alpha3_dot_sidecar__pb2 DESCRIPTOR = _descriptor.FileDescriptor( name='networking/v1alpha3/service_entry.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n\'networking/v1alpha3/service_entry.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\x1a,networking/v1alpha3/service_dependency.proto\"\x96\x06\n\x0cServiceEntry\x12\r\n\x05hosts\x18\x01 \x03(\t\x12\x11\n\taddresses\x18\x02 \x03(\t\x12.\n\x05ports\x18\x03 \x03(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x42\n\x08location\x18\x04 \x01(\x0e\x32\x30.istio.networking.v1alpha3.ServiceEntry.Location\x12\x46\n\nresolution\x18\x05 \x01(\x0e\x32\x32.istio.networking.v1alpha3.ServiceEntry.Resolution\x12\x43\n\tendpoints\x18\x06 \x03(\x0b\x32\x30.istio.networking.v1alpha3.ServiceEntry.Endpoint\x12<\n\x0c\x63onfig_scope\x18\x07 \x01(\x0e\x32&.istio.networking.v1alpha3.ConfigScope\x1a\xc5\x02\n\x08\x45ndpoint\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12J\n\x05ports\x18\x02 \x03(\x0b\x32;.istio.networking.v1alpha3.ServiceEntry.Endpoint.PortsEntry\x12L\n\x06labels\x18\x03 \x03(\x0b\x32<.istio.networking.v1alpha3.ServiceEntry.Endpoint.LabelsEntry\x12\x0f\n\x07network\x18\x04 \x01(\t\x12\x10\n\x08locality\x18\x05 \x01(\t\x12\x0e\n\x06weight\x18\x06 \x01(\r\x1a,\n\nPortsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\r:\x02\x38\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"0\n\x08Location\x12\x11\n\rMESH_EXTERNAL\x10\x00\x12\x11\n\rMESH_INTERNAL\x10\x01\"+\n\nResolution\x12\x08\n\x04NONE\x10\x00\x12\n\n\x06STATIC\x10\x01\x12\x07\n\x03\x44NS\x10\x02\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n\'networking/v1alpha3/service_entry.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\x1a!networking/v1alpha3/sidecar.proto\"\x96\x06\n\x0cServiceEntry\x12\r\n\x05hosts\x18\x01 \x03(\t\x12\x11\n\taddresses\x18\x02 \x03(\t\x12.\n\x05ports\x18\x03 \x03(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x42\n\x08location\x18\x04 \x01(\x0e\x32\x30.istio.networking.v1alpha3.ServiceEntry.Location\x12\x46\n\nresolution\x18\x05 \x01(\x0e\x32\x32.istio.networking.v1alpha3.ServiceEntry.Resolution\x12\x43\n\tendpoints\x18\x06 \x03(\x0b\x32\x30.istio.networking.v1alpha3.ServiceEntry.Endpoint\x12<\n\x0c\x63onfig_scope\x18\x07 \x01(\x0e\x32&.istio.networking.v1alpha3.ConfigScope\x1a\xc5\x02\n\x08\x45ndpoint\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12J\n\x05ports\x18\x02 \x03(\x0b\x32;.istio.networking.v1alpha3.ServiceEntry.Endpoint.PortsEntry\x12L\n\x06labels\x18\x03 \x03(\x0b\x32<.istio.networking.v1alpha3.ServiceEntry.Endpoint.LabelsEntry\x12\x0f\n\x07network\x18\x04 \x01(\t\x12\x10\n\x08locality\x18\x05 \x01(\t\x12\x0e\n\x06weight\x18\x06 \x01(\r\x1a,\n\nPortsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\r:\x02\x38\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"0\n\x08Location\x12\x11\n\rMESH_EXTERNAL\x10\x00\x12\x11\n\rMESH_INTERNAL\x10\x01\"+\n\nResolution\x12\x08\n\x04NONE\x10\x00\x12\n\n\x06STATIC\x10\x01\x12\x07\n\x03\x44NS\x10\x02\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') , - dependencies=[networking_dot_v1alpha3_dot_gateway__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_service__dependency__pb2.DESCRIPTOR,]) + dependencies=[networking_dot_v1alpha3_dot_gateway__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_sidecar__pb2.DESCRIPTOR,]) @@ -44,8 +44,8 @@ ], containing_type=None, options=None, - serialized_start=849, - serialized_end=897, + serialized_start=838, + serialized_end=886, ) _sym_db.RegisterEnumDescriptor(_SERVICEENTRY_LOCATION) @@ -70,8 +70,8 @@ ], containing_type=None, options=None, - serialized_start=899, - serialized_end=942, + serialized_start=888, + serialized_end=931, ) _sym_db.RegisterEnumDescriptor(_SERVICEENTRY_RESOLUTION) @@ -109,8 +109,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=756, - serialized_end=800, + serialized_start=745, + serialized_end=789, ) _SERVICEENTRY_ENDPOINT_LABELSENTRY = _descriptor.Descriptor( @@ -146,8 +146,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=802, - serialized_end=847, + serialized_start=791, + serialized_end=836, ) _SERVICEENTRY_ENDPOINT = _descriptor.Descriptor( @@ -211,8 +211,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=522, - serialized_end=847, + serialized_start=511, + serialized_end=836, ) _SERVICEENTRY = _descriptor.Descriptor( @@ -285,8 +285,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=152, - serialized_end=942, + serialized_start=141, + serialized_end=931, ) _SERVICEENTRY_ENDPOINT_PORTSENTRY.containing_type = _SERVICEENTRY_ENDPOINT @@ -298,7 +298,7 @@ _SERVICEENTRY.fields_by_name['location'].enum_type = _SERVICEENTRY_LOCATION _SERVICEENTRY.fields_by_name['resolution'].enum_type = _SERVICEENTRY_RESOLUTION _SERVICEENTRY.fields_by_name['endpoints'].message_type = _SERVICEENTRY_ENDPOINT -_SERVICEENTRY.fields_by_name['config_scope'].enum_type = networking_dot_v1alpha3_dot_service__dependency__pb2._CONFIGSCOPE +_SERVICEENTRY.fields_by_name['config_scope'].enum_type = networking_dot_v1alpha3_dot_sidecar__pb2._CONFIGSCOPE _SERVICEENTRY_LOCATION.containing_type = _SERVICEENTRY _SERVICEENTRY_RESOLUTION.containing_type = _SERVICEENTRY DESCRIPTOR.message_types_by_name['ServiceEntry'] = _SERVICEENTRY diff --git a/python/istio_api/networking/v1alpha3/service_dependency_pb2.py b/python/istio_api/networking/v1alpha3/sidecar_pb2.py similarity index 85% rename from python/istio_api/networking/v1alpha3/service_dependency_pb2.py rename to python/istio_api/networking/v1alpha3/sidecar_pb2.py index 995a079b31..4793d7bbcb 100644 --- a/python/istio_api/networking/v1alpha3/service_dependency_pb2.py +++ b/python/istio_api/networking/v1alpha3/sidecar_pb2.py @@ -1,5 +1,5 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! -# source: networking/v1alpha3/service_dependency.proto +# source: networking/v1alpha3/sidecar.proto import sys _b=sys.version_info[0]<3 and (lambda x:x) or (lambda x:x.encode('latin1')) @@ -17,10 +17,10 @@ DESCRIPTOR = _descriptor.FileDescriptor( - name='networking/v1alpha3/service_dependency.proto', + name='networking/v1alpha3/sidecar.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n,networking/v1alpha3/service_dependency.proto\x12\x19istio.networking.v1alpha3\"\x92\x03\n\x11ServiceDependency\x12M\n\x0c\x64\x65pendencies\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.ServiceDependency.Dependency\x1a)\n\x06Import\x12\x11\n\tnamespace\x18\x01 \x01(\t\x12\x0c\n\x04host\x18\x02 \x01(\t\x1a\x82\x02\n\nDependency\x12q\n\x16source_workload_labels\x18\x01 \x03(\x0b\x32Q.istio.networking.v1alpha3.ServiceDependency.Dependency.SourceWorkloadLabelsEntry\x12\x44\n\x07imports\x18\x02 \x03(\x0b\x32\x33.istio.networking.v1alpha3.ServiceDependency.Import\x1a;\n\x19SourceWorkloadLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n!networking/v1alpha3/sidecar.proto\x12\x19istio.networking.v1alpha3\"\x92\x03\n\x11ServiceDependency\x12M\n\x0c\x64\x65pendencies\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.ServiceDependency.Dependency\x1a)\n\x06Import\x12\x11\n\tnamespace\x18\x01 \x01(\t\x12\x0c\n\x04host\x18\x02 \x01(\t\x1a\x82\x02\n\nDependency\x12q\n\x16source_workload_labels\x18\x01 \x03(\x0b\x32Q.istio.networking.v1alpha3.ServiceDependency.Dependency.SourceWorkloadLabelsEntry\x12\x44\n\x07imports\x18\x02 \x03(\x0b\x32\x33.istio.networking.v1alpha3.ServiceDependency.Import\x1a;\n\x19SourceWorkloadLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') ) _CONFIGSCOPE = _descriptor.EnumDescriptor( @@ -40,8 +40,8 @@ ], containing_type=None, options=None, - serialized_start=480, - serialized_end=518, + serialized_start=469, + serialized_end=507, ) _sym_db.RegisterEnumDescriptor(_CONFIGSCOPE) @@ -84,8 +84,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=176, - serialized_end=217, + serialized_start=165, + serialized_end=206, ) _SERVICEDEPENDENCY_DEPENDENCY_SOURCEWORKLOADLABELSENTRY = _descriptor.Descriptor( @@ -121,8 +121,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=419, - serialized_end=478, + serialized_start=408, + serialized_end=467, ) _SERVICEDEPENDENCY_DEPENDENCY = _descriptor.Descriptor( @@ -158,8 +158,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=220, - serialized_end=478, + serialized_start=209, + serialized_end=467, ) _SERVICEDEPENDENCY = _descriptor.Descriptor( @@ -188,8 +188,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=76, - serialized_end=478, + serialized_start=65, + serialized_end=467, ) _SERVICEDEPENDENCY_IMPORT.containing_type = _SERVICEDEPENDENCY @@ -206,7 +206,7 @@ Import = _reflection.GeneratedProtocolMessageType('Import', (_message.Message,), dict( DESCRIPTOR = _SERVICEDEPENDENCY_IMPORT, - __module__ = 'networking.v1alpha3.service_dependency_pb2' + __module__ = 'networking.v1alpha3.sidecar_pb2' # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.ServiceDependency.Import) )) , @@ -215,17 +215,17 @@ SourceWorkloadLabelsEntry = _reflection.GeneratedProtocolMessageType('SourceWorkloadLabelsEntry', (_message.Message,), dict( DESCRIPTOR = _SERVICEDEPENDENCY_DEPENDENCY_SOURCEWORKLOADLABELSENTRY, - __module__ = 'networking.v1alpha3.service_dependency_pb2' + __module__ = 'networking.v1alpha3.sidecar_pb2' # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.ServiceDependency.Dependency.SourceWorkloadLabelsEntry) )) , DESCRIPTOR = _SERVICEDEPENDENCY_DEPENDENCY, - __module__ = 'networking.v1alpha3.service_dependency_pb2' + __module__ = 'networking.v1alpha3.sidecar_pb2' # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.ServiceDependency.Dependency) )) , DESCRIPTOR = _SERVICEDEPENDENCY, - __module__ = 'networking.v1alpha3.service_dependency_pb2' + __module__ = 'networking.v1alpha3.sidecar_pb2' # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.ServiceDependency) )) _sym_db.RegisterMessage(ServiceDependency) diff --git a/python/istio_api/networking/v1alpha3/virtual_service_pb2.py b/python/istio_api/networking/v1alpha3/virtual_service_pb2.py index 7df90ca370..4bff1527b2 100644 --- a/python/istio_api/networking/v1alpha3/virtual_service_pb2.py +++ b/python/istio_api/networking/v1alpha3/virtual_service_pb2.py @@ -15,16 +15,16 @@ from google.protobuf import duration_pb2 as google_dot_protobuf_dot_duration__pb2 from google.protobuf import wrappers_pb2 as google_dot_protobuf_dot_wrappers__pb2 -from networking.v1alpha3 import service_dependency_pb2 as networking_dot_v1alpha3_dot_service__dependency__pb2 +from networking.v1alpha3 import sidecar_pb2 as networking_dot_v1alpha3_dot_sidecar__pb2 DESCRIPTOR = _descriptor.FileDescriptor( name='networking/v1alpha3/virtual_service.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n)networking/v1alpha3/virtual_service.proto\x12\x19istio.networking.v1alpha3\x1a\x1egoogle/protobuf/duration.proto\x1a\x1egoogle/protobuf/wrappers.proto\x1a,networking/v1alpha3/service_dependency.proto\"\x87\x02\n\x0eVirtualService\x12\r\n\x05hosts\x18\x01 \x03(\t\x12\x10\n\x08gateways\x18\x02 \x03(\t\x12\x32\n\x04http\x18\x03 \x03(\x0b\x32$.istio.networking.v1alpha3.HTTPRoute\x12\x30\n\x03tls\x18\x05 \x03(\x0b\x32#.istio.networking.v1alpha3.TLSRoute\x12\x30\n\x03tcp\x18\x04 \x03(\x0b\x32#.istio.networking.v1alpha3.TCPRoute\x12<\n\x0c\x63onfig_scope\x18\x06 \x01(\x0e\x32&.istio.networking.v1alpha3.ConfigScope\"b\n\x0b\x44\x65stination\x12\x0c\n\x04host\x18\x01 \x01(\t\x12\x0e\n\x06subset\x18\x02 \x01(\t\x12\x35\n\x04port\x18\x03 \x01(\x0b\x32\'.istio.networking.v1alpha3.PortSelector\"\xf9\x08\n\tHTTPRoute\x12:\n\x05match\x18\x01 \x03(\x0b\x32+.istio.networking.v1alpha3.HTTPMatchRequest\x12>\n\x05route\x18\x02 \x03(\x0b\x32/.istio.networking.v1alpha3.HTTPRouteDestination\x12\x39\n\x08redirect\x18\x03 \x01(\x0b\x32\'.istio.networking.v1alpha3.HTTPRedirect\x12\x37\n\x07rewrite\x18\x04 \x01(\x0b\x32&.istio.networking.v1alpha3.HTTPRewrite\x12\x19\n\x11websocket_upgrade\x18\x05 \x01(\x08\x12*\n\x07timeout\x18\x06 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x35\n\x07retries\x18\x07 \x01(\x0b\x32$.istio.networking.v1alpha3.HTTPRetry\x12<\n\x05\x66\x61ult\x18\x08 \x01(\x0b\x32-.istio.networking.v1alpha3.HTTPFaultInjection\x12\x36\n\x06mirror\x18\t \x01(\x0b\x32&.istio.networking.v1alpha3.Destination\x12:\n\x0b\x63ors_policy\x18\n \x01(\x0b\x32%.istio.networking.v1alpha3.CorsPolicy\x12S\n\x0e\x61ppend_headers\x18\x0b \x03(\x0b\x32\x37.istio.networking.v1alpha3.HTTPRoute.AppendHeadersEntryB\x02\x18\x01\x12#\n\x17remove_response_headers\x18\x0c \x03(\tB\x02\x18\x01\x12\x64\n\x17\x61ppend_response_headers\x18\r \x03(\x0b\x32?.istio.networking.v1alpha3.HTTPRoute.AppendResponseHeadersEntryB\x02\x18\x01\x12\"\n\x16remove_request_headers\x18\x0e \x03(\tB\x02\x18\x01\x12\x62\n\x16\x61ppend_request_headers\x18\x0f \x03(\x0b\x32>.istio.networking.v1alpha3.HTTPRoute.AppendRequestHeadersEntryB\x02\x18\x01\x12\x33\n\x07headers\x18\x10 \x01(\x0b\x32\".istio.networking.v1alpha3.Headers\x1a\x34\n\x12\x41ppendHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x1a<\n\x1a\x41ppendResponseHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x1a;\n\x19\x41ppendRequestHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xa9\x03\n\x07Headers\x12\x44\n\x07request\x18\x01 \x01(\x0b\x32\x33.istio.networking.v1alpha3.Headers.HeaderOperations\x12\x45\n\x08response\x18\x02 \x01(\x0b\x32\x33.istio.networking.v1alpha3.Headers.HeaderOperations\x1a\x90\x02\n\x10HeaderOperations\x12I\n\x03set\x18\x01 \x03(\x0b\x32<.istio.networking.v1alpha3.Headers.HeaderOperations.SetEntry\x12I\n\x03\x61\x64\x64\x18\x02 \x03(\x0b\x32<.istio.networking.v1alpha3.Headers.HeaderOperations.AddEntry\x12\x0e\n\x06remove\x18\x03 \x03(\t\x1a*\n\x08SetEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x1a*\n\x08\x41\x64\x64\x45ntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\x84\x01\n\x08TLSRoute\x12<\n\x05match\x18\x01 \x03(\x0b\x32-.istio.networking.v1alpha3.TLSMatchAttributes\x12:\n\x05route\x18\x02 \x03(\x0b\x32+.istio.networking.v1alpha3.RouteDestination\"\x83\x01\n\x08TCPRoute\x12;\n\x05match\x18\x01 \x03(\x0b\x32,.istio.networking.v1alpha3.L4MatchAttributes\x12:\n\x05route\x18\x02 \x03(\x0b\x32+.istio.networking.v1alpha3.RouteDestination\"\xc0\x04\n\x10HTTPMatchRequest\x12\x33\n\x03uri\x18\x01 \x01(\x0b\x32&.istio.networking.v1alpha3.StringMatch\x12\x36\n\x06scheme\x18\x02 \x01(\x0b\x32&.istio.networking.v1alpha3.StringMatch\x12\x36\n\x06method\x18\x03 \x01(\x0b\x32&.istio.networking.v1alpha3.StringMatch\x12\x39\n\tauthority\x18\x04 \x01(\x0b\x32&.istio.networking.v1alpha3.StringMatch\x12I\n\x07headers\x18\x05 \x03(\x0b\x32\x38.istio.networking.v1alpha3.HTTPMatchRequest.HeadersEntry\x12\x0c\n\x04port\x18\x06 \x01(\r\x12T\n\rsource_labels\x18\x07 \x03(\x0b\x32=.istio.networking.v1alpha3.HTTPMatchRequest.SourceLabelsEntry\x12\x10\n\x08gateways\x18\x08 \x03(\t\x1aV\n\x0cHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x35\n\x05value\x18\x02 \x01(\x0b\x32&.istio.networking.v1alpha3.StringMatch:\x02\x38\x01\x1a\x33\n\x11SourceLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xbc\x04\n\x14HTTPRouteDestination\x12;\n\x0b\x64\x65stination\x18\x01 \x01(\x0b\x32&.istio.networking.v1alpha3.Destination\x12\x0e\n\x06weight\x18\x02 \x01(\x05\x12#\n\x17remove_response_headers\x18\x03 \x03(\tB\x02\x18\x01\x12o\n\x17\x61ppend_response_headers\x18\x04 \x03(\x0b\x32J.istio.networking.v1alpha3.HTTPRouteDestination.AppendResponseHeadersEntryB\x02\x18\x01\x12\"\n\x16remove_request_headers\x18\x05 \x03(\tB\x02\x18\x01\x12m\n\x16\x61ppend_request_headers\x18\x06 \x03(\x0b\x32I.istio.networking.v1alpha3.HTTPRouteDestination.AppendRequestHeadersEntryB\x02\x18\x01\x12\x33\n\x07headers\x18\x07 \x01(\x0b\x32\".istio.networking.v1alpha3.Headers\x1a<\n\x1a\x41ppendResponseHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x1a;\n\x19\x41ppendRequestHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"_\n\x10RouteDestination\x12;\n\x0b\x64\x65stination\x18\x01 \x01(\x0b\x32&.istio.networking.v1alpha3.Destination\x12\x0e\n\x06weight\x18\x02 \x01(\x05\"\xf3\x01\n\x11L4MatchAttributes\x12\x1b\n\x13\x64\x65stination_subnets\x18\x01 \x03(\t\x12\x0c\n\x04port\x18\x02 \x01(\r\x12\x15\n\rsource_subnet\x18\x03 \x01(\t\x12U\n\rsource_labels\x18\x04 \x03(\x0b\x32>.istio.networking.v1alpha3.L4MatchAttributes.SourceLabelsEntry\x12\x10\n\x08gateways\x18\x05 \x03(\t\x1a\x33\n\x11SourceLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\x88\x02\n\x12TLSMatchAttributes\x12\x11\n\tsni_hosts\x18\x01 \x03(\t\x12\x1b\n\x13\x64\x65stination_subnets\x18\x02 \x03(\t\x12\x0c\n\x04port\x18\x03 \x01(\r\x12\x15\n\rsource_subnet\x18\x04 \x01(\t\x12V\n\rsource_labels\x18\x05 \x03(\x0b\x32?.istio.networking.v1alpha3.TLSMatchAttributes.SourceLabelsEntry\x12\x10\n\x08gateways\x18\x06 \x03(\t\x1a\x33\n\x11SourceLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\".\n\x0cHTTPRedirect\x12\x0b\n\x03uri\x18\x01 \x01(\t\x12\x11\n\tauthority\x18\x02 \x01(\t\"-\n\x0bHTTPRewrite\x12\x0b\n\x03uri\x18\x01 \x01(\t\x12\x11\n\tauthority\x18\x02 \x01(\t\"O\n\x0bStringMatch\x12\x0f\n\x05\x65xact\x18\x01 \x01(\tH\x00\x12\x10\n\x06prefix\x18\x02 \x01(\tH\x00\x12\x0f\n\x05regex\x18\x03 \x01(\tH\x00\x42\x0c\n\nmatch_type\"c\n\tHTTPRetry\x12\x10\n\x08\x61ttempts\x18\x01 \x01(\x05\x12\x32\n\x0fper_try_timeout\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x10\n\x08retry_on\x18\x03 \x01(\t\"\xcb\x01\n\nCorsPolicy\x12\x14\n\x0c\x61llow_origin\x18\x01 \x03(\t\x12\x15\n\rallow_methods\x18\x02 \x03(\t\x12\x15\n\rallow_headers\x18\x03 \x03(\t\x12\x16\n\x0e\x65xpose_headers\x18\x04 \x03(\t\x12*\n\x07max_age\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x35\n\x11\x61llow_credentials\x18\x06 \x01(\x0b\x32\x1a.google.protobuf.BoolValue\"\x9a\x04\n\x12HTTPFaultInjection\x12\x42\n\x05\x64\x65lay\x18\x01 \x01(\x0b\x32\x33.istio.networking.v1alpha3.HTTPFaultInjection.Delay\x12\x42\n\x05\x61\x62ort\x18\x02 \x01(\x0b\x32\x33.istio.networking.v1alpha3.HTTPFaultInjection.Abort\x1a\xd1\x01\n\x05\x44\x65lay\x12\x13\n\x07percent\x18\x01 \x01(\x05\x42\x02\x18\x01\x12\x30\n\x0b\x66ixed_delay\x18\x02 \x01(\x0b\x32\x19.google.protobuf.DurationH\x00\x12\x36\n\x11\x65xponential_delay\x18\x03 \x01(\x0b\x32\x19.google.protobuf.DurationH\x00\x12\x36\n\npercentage\x18\x05 \x01(\x0b\x32\".istio.networking.v1alpha3.PercentB\x11\n\x0fhttp_delay_type\x1a\xa7\x01\n\x05\x41\x62ort\x12\x13\n\x07percent\x18\x01 \x01(\x05\x42\x02\x18\x01\x12\x15\n\x0bhttp_status\x18\x02 \x01(\x05H\x00\x12\x15\n\x0bgrpc_status\x18\x03 \x01(\tH\x00\x12\x15\n\x0bhttp2_error\x18\x04 \x01(\tH\x00\x12\x36\n\npercentage\x18\x05 \x01(\x0b\x32\".istio.networking.v1alpha3.PercentB\x0c\n\nerror_type\"8\n\x0cPortSelector\x12\x10\n\x06number\x18\x01 \x01(\rH\x00\x12\x0e\n\x04name\x18\x02 \x01(\tH\x00\x42\x06\n\x04port\"\x18\n\x07Percent\x12\r\n\x05value\x18\x01 \x01(\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n)networking/v1alpha3/virtual_service.proto\x12\x19istio.networking.v1alpha3\x1a\x1egoogle/protobuf/duration.proto\x1a\x1egoogle/protobuf/wrappers.proto\x1a!networking/v1alpha3/sidecar.proto\"\x87\x02\n\x0eVirtualService\x12\r\n\x05hosts\x18\x01 \x03(\t\x12\x10\n\x08gateways\x18\x02 \x03(\t\x12\x32\n\x04http\x18\x03 \x03(\x0b\x32$.istio.networking.v1alpha3.HTTPRoute\x12\x30\n\x03tls\x18\x05 \x03(\x0b\x32#.istio.networking.v1alpha3.TLSRoute\x12\x30\n\x03tcp\x18\x04 \x03(\x0b\x32#.istio.networking.v1alpha3.TCPRoute\x12<\n\x0c\x63onfig_scope\x18\x06 \x01(\x0e\x32&.istio.networking.v1alpha3.ConfigScope\"b\n\x0b\x44\x65stination\x12\x0c\n\x04host\x18\x01 \x01(\t\x12\x0e\n\x06subset\x18\x02 \x01(\t\x12\x35\n\x04port\x18\x03 \x01(\x0b\x32\'.istio.networking.v1alpha3.PortSelector\"\xf9\x08\n\tHTTPRoute\x12:\n\x05match\x18\x01 \x03(\x0b\x32+.istio.networking.v1alpha3.HTTPMatchRequest\x12>\n\x05route\x18\x02 \x03(\x0b\x32/.istio.networking.v1alpha3.HTTPRouteDestination\x12\x39\n\x08redirect\x18\x03 \x01(\x0b\x32\'.istio.networking.v1alpha3.HTTPRedirect\x12\x37\n\x07rewrite\x18\x04 \x01(\x0b\x32&.istio.networking.v1alpha3.HTTPRewrite\x12\x19\n\x11websocket_upgrade\x18\x05 \x01(\x08\x12*\n\x07timeout\x18\x06 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x35\n\x07retries\x18\x07 \x01(\x0b\x32$.istio.networking.v1alpha3.HTTPRetry\x12<\n\x05\x66\x61ult\x18\x08 \x01(\x0b\x32-.istio.networking.v1alpha3.HTTPFaultInjection\x12\x36\n\x06mirror\x18\t \x01(\x0b\x32&.istio.networking.v1alpha3.Destination\x12:\n\x0b\x63ors_policy\x18\n \x01(\x0b\x32%.istio.networking.v1alpha3.CorsPolicy\x12S\n\x0e\x61ppend_headers\x18\x0b \x03(\x0b\x32\x37.istio.networking.v1alpha3.HTTPRoute.AppendHeadersEntryB\x02\x18\x01\x12#\n\x17remove_response_headers\x18\x0c \x03(\tB\x02\x18\x01\x12\x64\n\x17\x61ppend_response_headers\x18\r \x03(\x0b\x32?.istio.networking.v1alpha3.HTTPRoute.AppendResponseHeadersEntryB\x02\x18\x01\x12\"\n\x16remove_request_headers\x18\x0e \x03(\tB\x02\x18\x01\x12\x62\n\x16\x61ppend_request_headers\x18\x0f \x03(\x0b\x32>.istio.networking.v1alpha3.HTTPRoute.AppendRequestHeadersEntryB\x02\x18\x01\x12\x33\n\x07headers\x18\x10 \x01(\x0b\x32\".istio.networking.v1alpha3.Headers\x1a\x34\n\x12\x41ppendHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x1a<\n\x1a\x41ppendResponseHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x1a;\n\x19\x41ppendRequestHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xa9\x03\n\x07Headers\x12\x44\n\x07request\x18\x01 \x01(\x0b\x32\x33.istio.networking.v1alpha3.Headers.HeaderOperations\x12\x45\n\x08response\x18\x02 \x01(\x0b\x32\x33.istio.networking.v1alpha3.Headers.HeaderOperations\x1a\x90\x02\n\x10HeaderOperations\x12I\n\x03set\x18\x01 \x03(\x0b\x32<.istio.networking.v1alpha3.Headers.HeaderOperations.SetEntry\x12I\n\x03\x61\x64\x64\x18\x02 \x03(\x0b\x32<.istio.networking.v1alpha3.Headers.HeaderOperations.AddEntry\x12\x0e\n\x06remove\x18\x03 \x03(\t\x1a*\n\x08SetEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x1a*\n\x08\x41\x64\x64\x45ntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\x84\x01\n\x08TLSRoute\x12<\n\x05match\x18\x01 \x03(\x0b\x32-.istio.networking.v1alpha3.TLSMatchAttributes\x12:\n\x05route\x18\x02 \x03(\x0b\x32+.istio.networking.v1alpha3.RouteDestination\"\x83\x01\n\x08TCPRoute\x12;\n\x05match\x18\x01 \x03(\x0b\x32,.istio.networking.v1alpha3.L4MatchAttributes\x12:\n\x05route\x18\x02 \x03(\x0b\x32+.istio.networking.v1alpha3.RouteDestination\"\xc0\x04\n\x10HTTPMatchRequest\x12\x33\n\x03uri\x18\x01 \x01(\x0b\x32&.istio.networking.v1alpha3.StringMatch\x12\x36\n\x06scheme\x18\x02 \x01(\x0b\x32&.istio.networking.v1alpha3.StringMatch\x12\x36\n\x06method\x18\x03 \x01(\x0b\x32&.istio.networking.v1alpha3.StringMatch\x12\x39\n\tauthority\x18\x04 \x01(\x0b\x32&.istio.networking.v1alpha3.StringMatch\x12I\n\x07headers\x18\x05 \x03(\x0b\x32\x38.istio.networking.v1alpha3.HTTPMatchRequest.HeadersEntry\x12\x0c\n\x04port\x18\x06 \x01(\r\x12T\n\rsource_labels\x18\x07 \x03(\x0b\x32=.istio.networking.v1alpha3.HTTPMatchRequest.SourceLabelsEntry\x12\x10\n\x08gateways\x18\x08 \x03(\t\x1aV\n\x0cHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x35\n\x05value\x18\x02 \x01(\x0b\x32&.istio.networking.v1alpha3.StringMatch:\x02\x38\x01\x1a\x33\n\x11SourceLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xbc\x04\n\x14HTTPRouteDestination\x12;\n\x0b\x64\x65stination\x18\x01 \x01(\x0b\x32&.istio.networking.v1alpha3.Destination\x12\x0e\n\x06weight\x18\x02 \x01(\x05\x12#\n\x17remove_response_headers\x18\x03 \x03(\tB\x02\x18\x01\x12o\n\x17\x61ppend_response_headers\x18\x04 \x03(\x0b\x32J.istio.networking.v1alpha3.HTTPRouteDestination.AppendResponseHeadersEntryB\x02\x18\x01\x12\"\n\x16remove_request_headers\x18\x05 \x03(\tB\x02\x18\x01\x12m\n\x16\x61ppend_request_headers\x18\x06 \x03(\x0b\x32I.istio.networking.v1alpha3.HTTPRouteDestination.AppendRequestHeadersEntryB\x02\x18\x01\x12\x33\n\x07headers\x18\x07 \x01(\x0b\x32\".istio.networking.v1alpha3.Headers\x1a<\n\x1a\x41ppendResponseHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x1a;\n\x19\x41ppendRequestHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"_\n\x10RouteDestination\x12;\n\x0b\x64\x65stination\x18\x01 \x01(\x0b\x32&.istio.networking.v1alpha3.Destination\x12\x0e\n\x06weight\x18\x02 \x01(\x05\"\xf3\x01\n\x11L4MatchAttributes\x12\x1b\n\x13\x64\x65stination_subnets\x18\x01 \x03(\t\x12\x0c\n\x04port\x18\x02 \x01(\r\x12\x15\n\rsource_subnet\x18\x03 \x01(\t\x12U\n\rsource_labels\x18\x04 \x03(\x0b\x32>.istio.networking.v1alpha3.L4MatchAttributes.SourceLabelsEntry\x12\x10\n\x08gateways\x18\x05 \x03(\t\x1a\x33\n\x11SourceLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\x88\x02\n\x12TLSMatchAttributes\x12\x11\n\tsni_hosts\x18\x01 \x03(\t\x12\x1b\n\x13\x64\x65stination_subnets\x18\x02 \x03(\t\x12\x0c\n\x04port\x18\x03 \x01(\r\x12\x15\n\rsource_subnet\x18\x04 \x01(\t\x12V\n\rsource_labels\x18\x05 \x03(\x0b\x32?.istio.networking.v1alpha3.TLSMatchAttributes.SourceLabelsEntry\x12\x10\n\x08gateways\x18\x06 \x03(\t\x1a\x33\n\x11SourceLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\".\n\x0cHTTPRedirect\x12\x0b\n\x03uri\x18\x01 \x01(\t\x12\x11\n\tauthority\x18\x02 \x01(\t\"-\n\x0bHTTPRewrite\x12\x0b\n\x03uri\x18\x01 \x01(\t\x12\x11\n\tauthority\x18\x02 \x01(\t\"O\n\x0bStringMatch\x12\x0f\n\x05\x65xact\x18\x01 \x01(\tH\x00\x12\x10\n\x06prefix\x18\x02 \x01(\tH\x00\x12\x0f\n\x05regex\x18\x03 \x01(\tH\x00\x42\x0c\n\nmatch_type\"c\n\tHTTPRetry\x12\x10\n\x08\x61ttempts\x18\x01 \x01(\x05\x12\x32\n\x0fper_try_timeout\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x10\n\x08retry_on\x18\x03 \x01(\t\"\xcb\x01\n\nCorsPolicy\x12\x14\n\x0c\x61llow_origin\x18\x01 \x03(\t\x12\x15\n\rallow_methods\x18\x02 \x03(\t\x12\x15\n\rallow_headers\x18\x03 \x03(\t\x12\x16\n\x0e\x65xpose_headers\x18\x04 \x03(\t\x12*\n\x07max_age\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x35\n\x11\x61llow_credentials\x18\x06 \x01(\x0b\x32\x1a.google.protobuf.BoolValue\"\x9a\x04\n\x12HTTPFaultInjection\x12\x42\n\x05\x64\x65lay\x18\x01 \x01(\x0b\x32\x33.istio.networking.v1alpha3.HTTPFaultInjection.Delay\x12\x42\n\x05\x61\x62ort\x18\x02 \x01(\x0b\x32\x33.istio.networking.v1alpha3.HTTPFaultInjection.Abort\x1a\xd1\x01\n\x05\x44\x65lay\x12\x13\n\x07percent\x18\x01 \x01(\x05\x42\x02\x18\x01\x12\x30\n\x0b\x66ixed_delay\x18\x02 \x01(\x0b\x32\x19.google.protobuf.DurationH\x00\x12\x36\n\x11\x65xponential_delay\x18\x03 \x01(\x0b\x32\x19.google.protobuf.DurationH\x00\x12\x36\n\npercentage\x18\x05 \x01(\x0b\x32\".istio.networking.v1alpha3.PercentB\x11\n\x0fhttp_delay_type\x1a\xa7\x01\n\x05\x41\x62ort\x12\x13\n\x07percent\x18\x01 \x01(\x05\x42\x02\x18\x01\x12\x15\n\x0bhttp_status\x18\x02 \x01(\x05H\x00\x12\x15\n\x0bgrpc_status\x18\x03 \x01(\tH\x00\x12\x15\n\x0bhttp2_error\x18\x04 \x01(\tH\x00\x12\x36\n\npercentage\x18\x05 \x01(\x0b\x32\".istio.networking.v1alpha3.PercentB\x0c\n\nerror_type\"8\n\x0cPortSelector\x12\x10\n\x06number\x18\x01 \x01(\rH\x00\x12\x0e\n\x04name\x18\x02 \x01(\tH\x00\x42\x06\n\x04port\"\x18\n\x07Percent\x12\r\n\x05value\x18\x01 \x01(\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') , - dependencies=[google_dot_protobuf_dot_duration__pb2.DESCRIPTOR,google_dot_protobuf_dot_wrappers__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_service__dependency__pb2.DESCRIPTOR,]) + dependencies=[google_dot_protobuf_dot_duration__pb2.DESCRIPTOR,google_dot_protobuf_dot_wrappers__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_sidecar__pb2.DESCRIPTOR,]) @@ -90,8 +90,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=183, - serialized_end=446, + serialized_start=172, + serialized_end=435, ) @@ -135,8 +135,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=448, - serialized_end=546, + serialized_start=437, + serialized_end=535, ) @@ -173,8 +173,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1519, - serialized_end=1571, + serialized_start=1508, + serialized_end=1560, ) _HTTPROUTE_APPENDRESPONSEHEADERSENTRY = _descriptor.Descriptor( @@ -210,8 +210,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1573, - serialized_end=1633, + serialized_start=1562, + serialized_end=1622, ) _HTTPROUTE_APPENDREQUESTHEADERSENTRY = _descriptor.Descriptor( @@ -247,8 +247,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1635, - serialized_end=1694, + serialized_start=1624, + serialized_end=1683, ) _HTTPROUTE = _descriptor.Descriptor( @@ -382,8 +382,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=549, - serialized_end=1694, + serialized_start=538, + serialized_end=1683, ) @@ -420,8 +420,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2036, - serialized_end=2078, + serialized_start=2025, + serialized_end=2067, ) _HEADERS_HEADEROPERATIONS_ADDENTRY = _descriptor.Descriptor( @@ -457,8 +457,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2080, - serialized_end=2122, + serialized_start=2069, + serialized_end=2111, ) _HEADERS_HEADEROPERATIONS = _descriptor.Descriptor( @@ -501,8 +501,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1850, - serialized_end=2122, + serialized_start=1839, + serialized_end=2111, ) _HEADERS = _descriptor.Descriptor( @@ -538,8 +538,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1697, - serialized_end=2122, + serialized_start=1686, + serialized_end=2111, ) @@ -576,8 +576,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2125, - serialized_end=2257, + serialized_start=2114, + serialized_end=2246, ) @@ -614,8 +614,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2260, - serialized_end=2391, + serialized_start=2249, + serialized_end=2380, ) @@ -652,8 +652,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2831, - serialized_end=2917, + serialized_start=2820, + serialized_end=2906, ) _HTTPMATCHREQUEST_SOURCELABELSENTRY = _descriptor.Descriptor( @@ -689,8 +689,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2919, - serialized_end=2970, + serialized_start=2908, + serialized_end=2959, ) _HTTPMATCHREQUEST = _descriptor.Descriptor( @@ -768,8 +768,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2394, - serialized_end=2970, + serialized_start=2383, + serialized_end=2959, ) @@ -806,8 +806,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1573, - serialized_end=1633, + serialized_start=1562, + serialized_end=1622, ) _HTTPROUTEDESTINATION_APPENDREQUESTHEADERSENTRY = _descriptor.Descriptor( @@ -843,8 +843,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1635, - serialized_end=1694, + serialized_start=1624, + serialized_end=1683, ) _HTTPROUTEDESTINATION = _descriptor.Descriptor( @@ -915,8 +915,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2973, - serialized_end=3545, + serialized_start=2962, + serialized_end=3534, ) @@ -953,8 +953,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=3547, - serialized_end=3642, + serialized_start=3536, + serialized_end=3631, ) @@ -991,8 +991,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2919, - serialized_end=2970, + serialized_start=2908, + serialized_end=2959, ) _L4MATCHATTRIBUTES = _descriptor.Descriptor( @@ -1049,8 +1049,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=3645, - serialized_end=3888, + serialized_start=3634, + serialized_end=3877, ) @@ -1087,8 +1087,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=2919, - serialized_end=2970, + serialized_start=2908, + serialized_end=2959, ) _TLSMATCHATTRIBUTES = _descriptor.Descriptor( @@ -1152,8 +1152,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=3891, - serialized_end=4155, + serialized_start=3880, + serialized_end=4144, ) @@ -1190,8 +1190,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=4157, - serialized_end=4203, + serialized_start=4146, + serialized_end=4192, ) @@ -1228,8 +1228,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=4205, - serialized_end=4250, + serialized_start=4194, + serialized_end=4239, ) @@ -1276,8 +1276,8 @@ name='match_type', full_name='istio.networking.v1alpha3.StringMatch.match_type', index=0, containing_type=None, fields=[]), ], - serialized_start=4252, - serialized_end=4331, + serialized_start=4241, + serialized_end=4320, ) @@ -1321,8 +1321,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=4333, - serialized_end=4432, + serialized_start=4322, + serialized_end=4421, ) @@ -1387,8 +1387,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=4435, - serialized_end=4638, + serialized_start=4424, + serialized_end=4627, ) @@ -1442,8 +1442,8 @@ name='http_delay_type', full_name='istio.networking.v1alpha3.HTTPFaultInjection.Delay.http_delay_type', index=0, containing_type=None, fields=[]), ], - serialized_start=4800, - serialized_end=5009, + serialized_start=4789, + serialized_end=4998, ) _HTTPFAULTINJECTION_ABORT = _descriptor.Descriptor( @@ -1503,8 +1503,8 @@ name='error_type', full_name='istio.networking.v1alpha3.HTTPFaultInjection.Abort.error_type', index=0, containing_type=None, fields=[]), ], - serialized_start=5012, - serialized_end=5179, + serialized_start=5001, + serialized_end=5168, ) _HTTPFAULTINJECTION = _descriptor.Descriptor( @@ -1540,8 +1540,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=4641, - serialized_end=5179, + serialized_start=4630, + serialized_end=5168, ) @@ -1581,8 +1581,8 @@ name='port', full_name='istio.networking.v1alpha3.PortSelector.port', index=0, containing_type=None, fields=[]), ], - serialized_start=5181, - serialized_end=5237, + serialized_start=5170, + serialized_end=5226, ) @@ -1612,14 +1612,14 @@ extension_ranges=[], oneofs=[ ], - serialized_start=5239, - serialized_end=5263, + serialized_start=5228, + serialized_end=5252, ) _VIRTUALSERVICE.fields_by_name['http'].message_type = _HTTPROUTE _VIRTUALSERVICE.fields_by_name['tls'].message_type = _TLSROUTE _VIRTUALSERVICE.fields_by_name['tcp'].message_type = _TCPROUTE -_VIRTUALSERVICE.fields_by_name['config_scope'].enum_type = networking_dot_v1alpha3_dot_service__dependency__pb2._CONFIGSCOPE +_VIRTUALSERVICE.fields_by_name['config_scope'].enum_type = networking_dot_v1alpha3_dot_sidecar__pb2._CONFIGSCOPE _DESTINATION.fields_by_name['port'].message_type = _PORTSELECTOR _HTTPROUTE_APPENDHEADERSENTRY.containing_type = _HTTPROUTE _HTTPROUTE_APPENDRESPONSEHEADERSENTRY.containing_type = _HTTPROUTE From 77cb835a8c9c7d2d64789aab55feef8fa3a53449 Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Thu, 27 Dec 2018 15:58:40 -0500 Subject: [PATCH 02/11] Sidecar Signed-off-by: Shriram Rajagopalan --- networking/v1alpha3/destination_rule.pb.go | 4 +- networking/v1alpha3/gateway.pb.go | 472 ++++++++-- networking/v1alpha3/gateway.proto | 57 +- .../istio.networking.v1alpha3.pb.html | 476 +++++----- networking/v1alpha3/sidecar.pb.go | 815 +++++++++--------- networking/v1alpha3/sidecar.proto | 230 ++--- proto.lock | 108 ++- .../networking/v1alpha3/gateway_pb2.py | 133 ++- .../networking/v1alpha3/sidecar_pb2.py | 176 ++-- 9 files changed, 1531 insertions(+), 940 deletions(-) diff --git a/networking/v1alpha3/destination_rule.pb.go b/networking/v1alpha3/destination_rule.pb.go index a6fb51f65c..dd6077c6e5 100644 --- a/networking/v1alpha3/destination_rule.pb.go +++ b/networking/v1alpha3/destination_rule.pb.go @@ -24,8 +24,10 @@ Gateway Server Port + WorkloadSelector ServiceEntry - ServiceDependency + Sidecar + IstioListener VirtualService Destination HTTPRoute diff --git a/networking/v1alpha3/gateway.pb.go b/networking/v1alpha3/gateway.pb.go index 2ae532566e..1f375a3acb 100644 --- a/networking/v1alpha3/gateway.pb.go +++ b/networking/v1alpha3/gateway.pb.go @@ -118,8 +118,9 @@ func (Server_TLSOptions_TLSProtocol) EnumDescriptor() ([]byte, []int) { // name: my-gateway // namespace: some-config-namespace // spec: -// selector: -// app: my-gateway-controller +// workloadSelector: +// labels: +// app: my-gateway-controller // servers: // - port: // number: 80 @@ -236,12 +237,16 @@ func (Server_TLSOptions_TLSProtocol) EnumDescriptor() ([]byte, []int) { type Gateway struct { // REQUIRED: A list of server specifications. Servers []*Server `protobuf:"bytes,1,rep,name=servers" json:"servers,omitempty"` - // REQUIRED: One or more labels that indicate a specific set of pods/VMs - // on which this gateway configuration should be applied. - // The scope of label search is platform dependent. - // On Kubernetes, for example, the scope includes pods running in - // all reachable namespaces. + // One or more labels that indicate a specific set of pods/VMs on which + // this gateway configuration should be applied. The scope of label + // search is platform dependent. On Kubernetes, for example, the scope + // includes pods running in all reachable namespaces. Precisely one of + // selector or workloadSelector MUST be specified. Selector map[string]string `protobuf:"bytes,2,rep,name=selector" json:"selector,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + // Criteria used to select the specific set of pods/VMs on which this + // gateway configuration should be applied. Precisely one of selector + // or workloadSelector must be specified. + WorkloadSelector *WorkloadSelector `protobuf:"bytes,3,opt,name=workload_selector,json=workloadSelector" json:"workload_selector,omitempty"` } func (m *Gateway) Reset() { *m = Gateway{} } @@ -263,6 +268,13 @@ func (m *Gateway) GetSelector() map[string]string { return nil } +func (m *Gateway) GetWorkloadSelector() *WorkloadSelector { + if m != nil { + return m.WorkloadSelector + } + return nil +} + // `Server` describes the properties of the proxy on a given load balancer // port. For example, // @@ -272,8 +284,9 @@ func (m *Gateway) GetSelector() map[string]string { // metadata: // name: my-ingress // spec: -// selector: -// app: my-ingress-gateway +// workloadSelector: +// labels: +// app: my-ingress-gateway // servers: // - port: // number: 80 @@ -291,8 +304,9 @@ func (m *Gateway) GetSelector() map[string]string { // metadata: // name: my-tcp-ingress // spec: -// selector: -// app: my-tcp-ingress-gateway +// workloadSelector: +// labels: +// app: my-tcp-ingress-gateway // servers: // - port: // number: 27018 @@ -310,8 +324,9 @@ func (m *Gateway) GetSelector() map[string]string { // metadata: // name: my-tls-ingress // spec: -// selector: -// app: my-tls-ingress-gateway +// workloadSelector: +// labels: +// app: my-tls-ingress-gateway // servers: // - port: // number: 443 @@ -512,11 +527,46 @@ func (m *Port) GetName() string { return "" } +// WorkloadSelector specifies the criteria used to determine if the Gateway +// or Sidecar resource can be applied to a given workload. If multiple +// conditions are specified, all conditions need to match in order for the +// workload to be selected. +type WorkloadSelector struct { + // One or more labels that indicate a specific set of pods/VMs on which + // this gateway/sidecar configuration should be applied. The scope of + // label search is restricted to the configuration namespace in which the + // workload is present. + Labels map[string]string `protobuf:"bytes,1,rep,name=labels" json:"labels,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + // The IP address of the workload (as seen by Pilot) on which this + // gateway/sidecar configuration should be applied. + Ip string `protobuf:"bytes,2,opt,name=ip,proto3" json:"ip,omitempty"` +} + +func (m *WorkloadSelector) Reset() { *m = WorkloadSelector{} } +func (m *WorkloadSelector) String() string { return proto.CompactTextString(m) } +func (*WorkloadSelector) ProtoMessage() {} +func (*WorkloadSelector) Descriptor() ([]byte, []int) { return fileDescriptorGateway, []int{3} } + +func (m *WorkloadSelector) GetLabels() map[string]string { + if m != nil { + return m.Labels + } + return nil +} + +func (m *WorkloadSelector) GetIp() string { + if m != nil { + return m.Ip + } + return "" +} + func init() { proto.RegisterType((*Gateway)(nil), "istio.networking.v1alpha3.Gateway") proto.RegisterType((*Server)(nil), "istio.networking.v1alpha3.Server") proto.RegisterType((*Server_TLSOptions)(nil), "istio.networking.v1alpha3.Server.TLSOptions") proto.RegisterType((*Port)(nil), "istio.networking.v1alpha3.Port") + proto.RegisterType((*WorkloadSelector)(nil), "istio.networking.v1alpha3.WorkloadSelector") proto.RegisterEnum("istio.networking.v1alpha3.Server_TLSOptions_TLSmode", Server_TLSOptions_TLSmode_name, Server_TLSOptions_TLSmode_value) proto.RegisterEnum("istio.networking.v1alpha3.Server_TLSOptions_TLSProtocol", Server_TLSOptions_TLSProtocol_name, Server_TLSOptions_TLSProtocol_value) } @@ -564,6 +614,16 @@ func (m *Gateway) MarshalTo(dAtA []byte) (int, error) { i += copy(dAtA[i:], v) } } + if m.WorkloadSelector != nil { + dAtA[i] = 0x1a + i++ + i = encodeVarintGateway(dAtA, i, uint64(m.WorkloadSelector.Size())) + n1, err := m.WorkloadSelector.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n1 + } return i, nil } @@ -586,11 +646,11 @@ func (m *Server) MarshalTo(dAtA []byte) (int, error) { dAtA[i] = 0xa i++ i = encodeVarintGateway(dAtA, i, uint64(m.Port.Size())) - n1, err := m.Port.MarshalTo(dAtA[i:]) + n2, err := m.Port.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n1 + i += n2 } if len(m.Hosts) > 0 { for _, s := range m.Hosts { @@ -611,11 +671,11 @@ func (m *Server) MarshalTo(dAtA []byte) (int, error) { dAtA[i] = 0x1a i++ i = encodeVarintGateway(dAtA, i, uint64(m.Tls.Size())) - n2, err := m.Tls.MarshalTo(dAtA[i:]) + n3, err := m.Tls.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n2 + i += n3 } return i, nil } @@ -746,6 +806,47 @@ func (m *Port) MarshalTo(dAtA []byte) (int, error) { return i, nil } +func (m *WorkloadSelector) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *WorkloadSelector) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if len(m.Labels) > 0 { + for k, _ := range m.Labels { + dAtA[i] = 0xa + i++ + v := m.Labels[k] + mapSize := 1 + len(k) + sovGateway(uint64(len(k))) + 1 + len(v) + sovGateway(uint64(len(v))) + i = encodeVarintGateway(dAtA, i, uint64(mapSize)) + dAtA[i] = 0xa + i++ + i = encodeVarintGateway(dAtA, i, uint64(len(k))) + i += copy(dAtA[i:], k) + dAtA[i] = 0x12 + i++ + i = encodeVarintGateway(dAtA, i, uint64(len(v))) + i += copy(dAtA[i:], v) + } + } + if len(m.Ip) > 0 { + dAtA[i] = 0x12 + i++ + i = encodeVarintGateway(dAtA, i, uint64(len(m.Ip))) + i += copy(dAtA[i:], m.Ip) + } + return i, nil +} + func encodeVarintGateway(dAtA []byte, offset int, v uint64) int { for v >= 1<<7 { dAtA[offset] = uint8(v&0x7f | 0x80) @@ -772,6 +873,10 @@ func (m *Gateway) Size() (n int) { n += mapEntrySize + 1 + sovGateway(uint64(mapEntrySize)) } } + if m.WorkloadSelector != nil { + l = m.WorkloadSelector.Size() + n += 1 + l + sovGateway(uint64(l)) + } return n } @@ -854,6 +959,24 @@ func (m *Port) Size() (n int) { return n } +func (m *WorkloadSelector) Size() (n int) { + var l int + _ = l + if len(m.Labels) > 0 { + for k, v := range m.Labels { + _ = k + _ = v + mapEntrySize := 1 + len(k) + sovGateway(uint64(len(k))) + 1 + len(v) + sovGateway(uint64(len(v))) + n += mapEntrySize + 1 + sovGateway(uint64(mapEntrySize)) + } + } + l = len(m.Ip) + if l > 0 { + n += 1 + l + sovGateway(uint64(l)) + } + return n +} + func sovGateway(x uint64) (n int) { for { n++ @@ -1045,6 +1168,39 @@ func (m *Gateway) Unmarshal(dAtA []byte) error { } m.Selector[mapkey] = mapvalue iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field WorkloadSelector", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGateway + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGateway + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.WorkloadSelector == nil { + m.WorkloadSelector = &WorkloadSelector{} + } + if err := m.WorkloadSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGateway(dAtA[iNdEx:]) @@ -1610,6 +1766,203 @@ func (m *Port) Unmarshal(dAtA []byte) error { } return nil } +func (m *WorkloadSelector) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGateway + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: WorkloadSelector: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: WorkloadSelector: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Labels", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGateway + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGateway + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Labels == nil { + m.Labels = make(map[string]string) + } + var mapkey string + var mapvalue string + for iNdEx < postIndex { + entryPreIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGateway + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + if fieldNum == 1 { + var stringLenmapkey uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGateway + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLenmapkey |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLenmapkey := int(stringLenmapkey) + if intStringLenmapkey < 0 { + return ErrInvalidLengthGateway + } + postStringIndexmapkey := iNdEx + intStringLenmapkey + if postStringIndexmapkey > l { + return io.ErrUnexpectedEOF + } + mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) + iNdEx = postStringIndexmapkey + } else if fieldNum == 2 { + var stringLenmapvalue uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGateway + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLenmapvalue |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLenmapvalue := int(stringLenmapvalue) + if intStringLenmapvalue < 0 { + return ErrInvalidLengthGateway + } + postStringIndexmapvalue := iNdEx + intStringLenmapvalue + if postStringIndexmapvalue > l { + return io.ErrUnexpectedEOF + } + mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) + iNdEx = postStringIndexmapvalue + } else { + iNdEx = entryPreIndex + skippy, err := skipGateway(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGateway + } + if (iNdEx + skippy) > postIndex { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + m.Labels[mapkey] = mapvalue + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Ip", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGateway + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGateway + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Ip = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGateway(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthGateway + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func skipGateway(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0 @@ -1718,44 +2071,49 @@ var ( func init() { proto.RegisterFile("networking/v1alpha3/gateway.proto", fileDescriptorGateway) } var fileDescriptorGateway = []byte{ - // 623 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x54, 0x5d, 0x4f, 0xdb, 0x3c, - 0x18, 0x25, 0x6d, 0xe9, 0xc7, 0x53, 0x0a, 0xc1, 0x42, 0xaf, 0xf2, 0x72, 0xc1, 0x47, 0xa7, 0x69, - 0x68, 0xda, 0x52, 0x68, 0x77, 0x81, 0x86, 0x34, 0xa9, 0x9b, 0x10, 0x9d, 0x56, 0x68, 0xe5, 0xb4, - 0x5c, 0xec, 0x26, 0x32, 0xc1, 0xa3, 0x86, 0x34, 0x8e, 0x6c, 0xb7, 0xd0, 0xbf, 0xb6, 0x5f, 0xb0, - 0x4b, 0xf6, 0x0f, 0x26, 0x7e, 0xc9, 0x64, 0x27, 0xa5, 0xdd, 0x17, 0x13, 0xda, 0x9d, 0xcf, 0xf1, - 0x39, 0xe7, 0xf1, 0xf3, 0xd8, 0x09, 0x6c, 0x47, 0x54, 0x5d, 0x73, 0x71, 0xc5, 0xa2, 0x8b, 0xda, - 0x78, 0x8f, 0x84, 0xf1, 0x80, 0x34, 0x6a, 0x17, 0x44, 0xd1, 0x6b, 0x32, 0x71, 0x63, 0xc1, 0x15, - 0x47, 0xff, 0x33, 0xa9, 0x18, 0x77, 0x67, 0x42, 0x77, 0x2a, 0xac, 0x7e, 0xb5, 0xa0, 0x70, 0x94, - 0x88, 0xd1, 0x01, 0x14, 0x24, 0x15, 0x63, 0x2a, 0xa4, 0x63, 0x6d, 0x65, 0x77, 0xca, 0xf5, 0x6d, - 0xf7, 0x8f, 0x46, 0xd7, 0x33, 0x4a, 0x3c, 0x75, 0xa0, 0x36, 0x14, 0x25, 0x0d, 0x69, 0xa0, 0xb8, - 0x70, 0x32, 0xc6, 0xbd, 0xfb, 0x80, 0x3b, 0x2d, 0xe9, 0x7a, 0xa9, 0xe5, 0x30, 0x52, 0x62, 0x82, - 0xef, 0x13, 0xd6, 0x0f, 0xa0, 0xf2, 0xc3, 0x16, 0xb2, 0x21, 0x7b, 0x45, 0x27, 0x8e, 0xb5, 0x65, - 0xed, 0x94, 0xb0, 0x5e, 0xa2, 0x35, 0x58, 0x1c, 0x93, 0x70, 0x44, 0x9d, 0x8c, 0xe1, 0x12, 0xf0, - 0x3a, 0xb3, 0x6f, 0x55, 0x6f, 0xf3, 0x90, 0x4f, 0x8e, 0x87, 0x1a, 0x90, 0x8b, 0xb9, 0x50, 0xc6, - 0x57, 0xae, 0x6f, 0x3e, 0x70, 0xa2, 0x2e, 0x17, 0x0a, 0x1b, 0xb1, 0x4e, 0x1e, 0x70, 0xa9, 0xa4, - 0xe9, 0xa3, 0x84, 0x13, 0x80, 0xde, 0x40, 0x56, 0x85, 0xd2, 0xc9, 0x9a, 0xa4, 0x17, 0x7f, 0x9d, - 0x8c, 0xdb, 0x6b, 0x7b, 0x9d, 0x58, 0x31, 0x1e, 0x49, 0xac, 0x8d, 0xeb, 0x9f, 0x17, 0x01, 0x66, - 0x1c, 0x7a, 0x0a, 0xcb, 0x03, 0xa5, 0x62, 0xe9, 0x0b, 0x7a, 0xce, 0x04, 0x0d, 0x92, 0x33, 0x16, - 0x71, 0xc5, 0xb0, 0x38, 0x25, 0x51, 0x0b, 0x72, 0x43, 0x7e, 0x9e, 0x34, 0xb9, 0x5c, 0x7f, 0xf5, - 0x98, 0xb2, 0x7a, 0xa9, 0xbd, 0xd8, 0x24, 0xa0, 0x97, 0x80, 0x92, 0xbb, 0xf2, 0x03, 0x2a, 0x14, - 0xfb, 0xc4, 0x02, 0xa2, 0xa8, 0x69, 0xa7, 0x84, 0x57, 0x93, 0x9d, 0x77, 0xb3, 0x0d, 0xb4, 0x09, - 0xe5, 0x58, 0xb0, 0x31, 0x51, 0xd4, 0xd7, 0x83, 0xcf, 0x19, 0x1d, 0xa4, 0xd4, 0x07, 0x3a, 0x41, - 0xcf, 0x60, 0x25, 0x20, 0xf3, 0x59, 0xd2, 0x59, 0x34, 0xa2, 0xe5, 0x80, 0xcc, 0x05, 0x49, 0xf4, - 0x1c, 0x56, 0xe5, 0xe8, 0xec, 0x92, 0x06, 0xca, 0x27, 0xa1, 0xf2, 0x23, 0x32, 0xa4, 0xd2, 0xc9, - 0x9b, 0xd1, 0xae, 0xa4, 0x1b, 0xcd, 0x50, 0x9d, 0x68, 0x1a, 0x5d, 0xc2, 0xda, 0x90, 0x45, 0xbe, - 0x79, 0xb6, 0x01, 0x0f, 0x7d, 0xfd, 0xb4, 0x18, 0x8f, 0x9c, 0x82, 0x69, 0x7f, 0xff, 0xb1, 0xed, - 0x77, 0xd3, 0x1c, 0x8c, 0x86, 0x2c, 0x9a, 0x82, 0xd3, 0x24, 0xd3, 0xd4, 0x22, 0x37, 0xbf, 0xd6, - 0x2a, 0xfe, 0x73, 0x2d, 0x72, 0xf3, 0x73, 0xad, 0x27, 0x50, 0x09, 0x58, 0x3c, 0xa0, 0xc2, 0x97, - 0x23, 0xa6, 0x47, 0x55, 0x32, 0xfd, 0x2f, 0x25, 0xa4, 0x67, 0xb8, 0x6a, 0x0b, 0x0a, 0xe9, 0x95, - 0xa1, 0x15, 0x28, 0x77, 0x9b, 0x9e, 0xd7, 0x6b, 0xe1, 0x4e, 0xff, 0xa8, 0x65, 0x2f, 0x20, 0x80, - 0xbc, 0xf7, 0xfe, 0xb8, 0xdb, 0x3e, 0xb4, 0x2d, 0xbd, 0x3e, 0xee, 0xf7, 0xfa, 0xcd, 0xb6, 0x9d, - 0x41, 0x6b, 0x60, 0x37, 0xfb, 0xbd, 0x8e, 0x3f, 0xaf, 0xce, 0x56, 0x3b, 0x50, 0x9e, 0x3b, 0x11, - 0x5a, 0x82, 0x62, 0xaf, 0xed, 0xf9, 0x5a, 0x68, 0x2f, 0xa0, 0xb2, 0x29, 0x73, 0xba, 0xe7, 0xef, - 0xda, 0xd6, 0x0c, 0xec, 0xd9, 0x99, 0x19, 0xa8, 0xdb, 0xd9, 0x19, 0x68, 0xd8, 0xb9, 0xea, 0x09, - 0xe4, 0xf4, 0x07, 0x82, 0xfe, 0x83, 0x7c, 0x34, 0x1a, 0x9e, 0x51, 0x61, 0x5e, 0x6b, 0x05, 0xa7, - 0x08, 0xad, 0x43, 0x71, 0x3a, 0xc7, 0xf4, 0x7b, 0xbc, 0xc7, 0x08, 0x41, 0x4e, 0xdf, 0x79, 0xfa, - 0xd4, 0xcc, 0xfa, 0xad, 0xfb, 0xe5, 0x6e, 0xc3, 0xba, 0xbd, 0xdb, 0xb0, 0xbe, 0xdd, 0x6d, 0x58, - 0x1f, 0xb7, 0x92, 0x51, 0x33, 0x5e, 0x23, 0x31, 0xab, 0xfd, 0xe6, 0x7f, 0x76, 0x96, 0x37, 0x69, - 0x8d, 0xef, 0x01, 0x00, 0x00, 0xff, 0xff, 0x60, 0xb9, 0xea, 0xae, 0xed, 0x04, 0x00, 0x00, + // 703 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x54, 0xdd, 0x4e, 0xdb, 0x48, + 0x14, 0xc6, 0x4e, 0xc8, 0xcf, 0x31, 0x09, 0x66, 0x84, 0x56, 0xde, 0x5c, 0x40, 0xc8, 0x6a, 0xb5, + 0x68, 0xdb, 0x3a, 0x90, 0x54, 0x2a, 0x2d, 0x52, 0xa5, 0x50, 0x21, 0x52, 0x35, 0x90, 0x68, 0x9c, + 0xd0, 0xaa, 0x37, 0xd6, 0xc4, 0x4c, 0xc9, 0x80, 0x63, 0x5b, 0xf6, 0x24, 0x90, 0x97, 0x6a, 0xef, + 0xfb, 0x04, 0xbd, 0xe4, 0x11, 0x2a, 0x9e, 0xa4, 0xf2, 0x78, 0x42, 0x52, 0xda, 0x52, 0x45, 0xbd, + 0x9b, 0xf3, 0xf9, 0xfb, 0xbe, 0xf3, 0xe3, 0x99, 0x03, 0x5b, 0x1e, 0xe5, 0x57, 0x7e, 0x78, 0xc9, + 0xbc, 0xf3, 0xea, 0x78, 0x97, 0xb8, 0xc1, 0x80, 0xd4, 0xab, 0xe7, 0x84, 0xd3, 0x2b, 0x32, 0x31, + 0x83, 0xd0, 0xe7, 0x3e, 0xfa, 0x9b, 0x45, 0x9c, 0xf9, 0xe6, 0x8c, 0x68, 0x4e, 0x89, 0x95, 0x4f, + 0x2a, 0x64, 0x8f, 0x12, 0x32, 0xda, 0x87, 0x6c, 0x44, 0xc3, 0x31, 0x0d, 0x23, 0x43, 0x29, 0xa7, + 0xb6, 0xb5, 0xda, 0x96, 0xf9, 0x4b, 0xa1, 0x69, 0x09, 0x26, 0x9e, 0x2a, 0x50, 0x07, 0x72, 0x11, + 0x75, 0xa9, 0xc3, 0xfd, 0xd0, 0x50, 0x85, 0x7a, 0xe7, 0x01, 0xb5, 0x4c, 0x69, 0x5a, 0x52, 0x72, + 0xe8, 0xf1, 0x70, 0x72, 0xa0, 0x1a, 0x0a, 0xbe, 0x73, 0x41, 0xef, 0x60, 0x2d, 0xd6, 0xb9, 0x3e, + 0x39, 0xb3, 0xef, 0xac, 0x53, 0x65, 0x65, 0x5b, 0xab, 0x3d, 0x7a, 0xc0, 0xfa, 0xad, 0xd4, 0x4c, + 0xad, 0xb1, 0x7e, 0x75, 0x0f, 0x29, 0xed, 0x43, 0xe1, 0xbb, 0xc4, 0x48, 0x87, 0xd4, 0x25, 0x9d, + 0x18, 0x4a, 0x59, 0xd9, 0xce, 0xe3, 0xf8, 0x88, 0xd6, 0x61, 0x79, 0x4c, 0xdc, 0x11, 0x35, 0x54, + 0x81, 0x25, 0xc1, 0x0b, 0x75, 0x4f, 0xa9, 0xdc, 0x64, 0x20, 0x93, 0x34, 0x8f, 0xea, 0x90, 0x0e, + 0xfc, 0x90, 0x0b, 0x9d, 0x56, 0xdb, 0x7c, 0xa0, 0xa8, 0x8e, 0x1f, 0x72, 0x2c, 0xc8, 0xb1, 0xf3, + 0xc0, 0x8f, 0x78, 0x24, 0xa6, 0x94, 0xc7, 0x49, 0x80, 0x5e, 0x42, 0x8a, 0xbb, 0x91, 0x6c, 0xef, + 0xf1, 0x6f, 0xe7, 0x6e, 0x76, 0x5b, 0x56, 0x3b, 0xe0, 0xcc, 0xf7, 0x22, 0x1c, 0x0b, 0x4b, 0x9f, + 0x97, 0x01, 0x66, 0x18, 0xfa, 0x17, 0x8a, 0x03, 0xce, 0x83, 0xc8, 0x0e, 0xe9, 0x19, 0x0b, 0xa9, + 0x93, 0xd4, 0x98, 0xc3, 0x05, 0x81, 0x62, 0x09, 0xa2, 0x26, 0xa4, 0x87, 0xfe, 0x59, 0xd2, 0x64, + 0xb1, 0xf6, 0x74, 0x91, 0xb4, 0xf1, 0x31, 0xd6, 0x62, 0xe1, 0x80, 0x9e, 0x00, 0x4a, 0x6e, 0x82, + 0xed, 0xd0, 0x90, 0xb3, 0x0f, 0xcc, 0x21, 0x9c, 0x8a, 0x76, 0xf2, 0x78, 0x2d, 0xf9, 0xf2, 0x6a, + 0xf6, 0x01, 0x6d, 0x82, 0x16, 0x84, 0x6c, 0x4c, 0x38, 0xb5, 0xe3, 0xc1, 0xa7, 0x05, 0x0f, 0x24, + 0xf4, 0x86, 0x4e, 0xd0, 0x7f, 0xb0, 0xea, 0x90, 0x79, 0xaf, 0xc8, 0x58, 0x16, 0xa4, 0xa2, 0x43, + 0xe6, 0x8c, 0x22, 0xf4, 0x3f, 0xac, 0x45, 0xa3, 0xfe, 0x05, 0x75, 0xb8, 0x4d, 0x5c, 0x6e, 0x7b, + 0x64, 0x48, 0x23, 0x23, 0x23, 0x46, 0xbb, 0x2a, 0x3f, 0x34, 0x5c, 0x7e, 0x12, 0xc3, 0xe8, 0x02, + 0xd6, 0x87, 0xcc, 0xb3, 0xc5, 0xa3, 0x70, 0x7c, 0xd7, 0x8e, 0x2f, 0x2e, 0xf3, 0x3d, 0x23, 0x2b, + 0xda, 0xdf, 0x5b, 0xb4, 0xfd, 0x8e, 0xf4, 0xc1, 0x68, 0xc8, 0xbc, 0x69, 0x70, 0x9a, 0x78, 0x8a, + 0x5c, 0xe4, 0xfa, 0xc7, 0x5c, 0xb9, 0x3f, 0xce, 0x45, 0xae, 0xef, 0xe7, 0xfa, 0x07, 0x0a, 0x0e, + 0x0b, 0x06, 0x34, 0xb4, 0xa3, 0x11, 0x8b, 0x47, 0x95, 0x17, 0xfd, 0xaf, 0x24, 0xa0, 0x25, 0xb0, + 0x4a, 0x13, 0xb2, 0xf2, 0x97, 0xa1, 0x55, 0xd0, 0x3a, 0x0d, 0xcb, 0xea, 0x36, 0x71, 0xbb, 0x77, + 0xd4, 0xd4, 0x97, 0x10, 0x40, 0xc6, 0x7a, 0x7d, 0xdc, 0x69, 0x1d, 0xea, 0x4a, 0x7c, 0x3e, 0xee, + 0x75, 0x7b, 0x8d, 0x96, 0xae, 0xa2, 0x75, 0xd0, 0x1b, 0xbd, 0x6e, 0xdb, 0x9e, 0x67, 0xa7, 0x2a, + 0x6d, 0xd0, 0xe6, 0x2a, 0x42, 0x2b, 0x90, 0xeb, 0xb6, 0x2c, 0x3b, 0x26, 0xea, 0x4b, 0x48, 0x13, + 0x69, 0x4e, 0x77, 0xed, 0x1d, 0x5d, 0x99, 0x05, 0xbb, 0xba, 0x3a, 0x0b, 0x6a, 0x7a, 0x6a, 0x16, + 0xd4, 0xf5, 0x74, 0xe5, 0x04, 0xd2, 0xf1, 0x03, 0x41, 0x7f, 0x41, 0xc6, 0x1b, 0x0d, 0xfb, 0x34, + 0x14, 0xb7, 0xb5, 0x80, 0x65, 0x84, 0x4a, 0x90, 0x9b, 0xce, 0x51, 0xbe, 0xc7, 0xbb, 0x18, 0x21, + 0x48, 0xc7, 0xff, 0x5c, 0x5e, 0x35, 0x71, 0xae, 0x7c, 0x54, 0x40, 0xbf, 0xbf, 0x06, 0x50, 0x1b, + 0x32, 0x2e, 0xe9, 0x53, 0x77, 0xba, 0xdc, 0x9e, 0x2d, 0xb0, 0x43, 0xcc, 0x96, 0x50, 0x8a, 0x65, + 0x81, 0xa5, 0x0d, 0x2a, 0x82, 0xca, 0x02, 0x59, 0x8f, 0xca, 0x82, 0xd2, 0x73, 0xd0, 0xe6, 0x68, + 0x8b, 0xec, 0x94, 0x03, 0xf3, 0xcb, 0xed, 0x86, 0x72, 0x73, 0xbb, 0xa1, 0x7c, 0xbd, 0xdd, 0x50, + 0xde, 0x97, 0x93, 0xc2, 0x98, 0x5f, 0x25, 0x01, 0xab, 0xfe, 0x64, 0xbd, 0xf7, 0x33, 0xa2, 0xfd, + 0xfa, 0xb7, 0x00, 0x00, 0x00, 0xff, 0xff, 0xb7, 0x3f, 0x81, 0x66, 0xfc, 0x05, 0x00, 0x00, } diff --git a/networking/v1alpha3/gateway.proto b/networking/v1alpha3/gateway.proto index 4f857dd8d2..0cec634b68 100644 --- a/networking/v1alpha3/gateway.proto +++ b/networking/v1alpha3/gateway.proto @@ -38,8 +38,9 @@ option go_package = "istio.io/api/networking/v1alpha3"; // name: my-gateway // namespace: some-config-namespace // spec: -// selector: -// app: my-gateway-controller +// workloadSelector: +// labels: +// app: my-gateway-controller // servers: // - port: // number: 80 @@ -157,12 +158,17 @@ message Gateway { // REQUIRED: A list of server specifications. repeated Server servers = 1; - // REQUIRED: One or more labels that indicate a specific set of pods/VMs - // on which this gateway configuration should be applied. - // The scope of label search is platform dependent. - // On Kubernetes, for example, the scope includes pods running in - // all reachable namespaces. - map selector = 2; + // One or more labels that indicate a specific set of pods/VMs on which + // this gateway configuration should be applied. The scope of label + // search is platform dependent. On Kubernetes, for example, the scope + // includes pods running in all reachable namespaces. Precisely one of + // selector or workloadSelector MUST be specified. + map selector = 2 [deprecated=true]; + + // Criteria used to select the specific set of pods/VMs on which this + // gateway configuration should be applied. Precisely one of selector + // or workloadSelector must be specified. + WorkloadSelector workload_selector = 3; } // `Server` describes the properties of the proxy on a given load balancer @@ -174,8 +180,9 @@ message Gateway { // metadata: // name: my-ingress // spec: -// selector: -// app: my-ingress-gateway +// workloadSelector: +// labels: +// app: my-ingress-gateway // servers: // - port: // number: 80 @@ -193,8 +200,9 @@ message Gateway { // metadata: // name: my-tcp-ingress // spec: -// selector: -// app: my-tcp-ingress-gateway +// workloadSelector: +// labels: +// app: my-tcp-ingress-gateway // servers: // - port: // number: 27018 @@ -212,8 +220,9 @@ message Gateway { // metadata: // name: my-tls-ingress // spec: -// selector: -// app: my-tls-ingress-gateway +// workloadSelector: +// labels: +// app: my-tls-ingress-gateway // servers: // - port: // number: 443 @@ -350,3 +359,23 @@ message Port { // Label assigned to the port. string name = 3; } + +// WorkloadSelector specifies the criteria used to determine if the Gateway +// or Sidecar resource can be applied to a given workload. If multiple +// conditions are specified, all conditions need to match in order for the +// workload to be selected. +message WorkloadSelector { + // One or more labels that indicate a specific set of pods/VMs on which + // this gateway/sidecar configuration should be applied. The scope of + // label search is restricted to the configuration namespace in which the + // workload is present. + map labels = 1; + + // The IP address of the workload (as seen by Pilot) on which this + // gateway/sidecar configuration should be applied. + string ip = 2; + + // [#not-implemented-hide:] + // other forms of identification such as X509 fields, tenant IDs, JWT, + // etc. will be added in future. +} diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index 96792fe1a9..f9f7e52fe0 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -43,7 +43,7 @@

ConfigScope

a namespace when the namespace is imported. By default all configuration artifacts are public. Configurations with private scope will not be imported when the namespace containing the configuration is -imported in a ServiceDependency.

+imported in a Sidecar.

NameDescription
ALL_NAMESPACES -

Configure routes to services in all namespaces, i.e. import -services from all namespaces.

- -
SAME_NAMESPACE -

Only configure routes to services that are in the same namespace -as the workload as well as services in namespaces specified in -importNamespaces.

-
@@ -1091,8 +1091,9 @@

Gateway

name: my-gateway namespace: some-config-namespace spec: - selector: - app: my-gateway-controller + workloadSelector: + labels: + app: my-gateway-controller servers: - port: number: 80 @@ -1223,15 +1224,25 @@

Gateway

- + + + + + + @@ -2132,6 +2143,109 @@

Headers.HeaderOperations

+ + +
selector map<string, string> -

REQUIRED: One or more labels that indicate a specific set of pods/VMs -on which this gateway configuration should be applied. -The scope of label search is platform dependent. -On Kubernetes, for example, the scope includes pods running in -all reachable namespaces.

+

One or more labels that indicate a specific set of pods/VMs on which +this gateway configuration should be applied. The scope of label +search is platform dependent. On Kubernetes, for example, the scope +includes pods running in all reachable namespaces. Precisely one of +selector or workloadSelector MUST be specified.

+ +
workloadSelectorWorkloadSelector +

Criteria used to select the specific set of pods/VMs on which this +gateway configuration should be applied. Precisely one of selector +or workloadSelector must be specified.

Remove a the specified headers

+
+
+

IstioListener

+
+

IstioListener specifies the properties of a single listener on the +sidecar proxy attached to a workload.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -2645,8 +2759,9 @@

Server

metadata: name: my-ingress spec: - selector: - app: my-ingress-gateway + workloadSelector: + labels: + app: my-ingress-gateway servers: - port: number: 80 @@ -2663,8 +2778,9 @@

Server

metadata: name: my-tcp-ingress spec: - selector: - app: my-tcp-ingress-gateway + workloadSelector: + labels: + app: my-tcp-ingress-gateway servers: - port: number: 27018 @@ -2681,8 +2797,9 @@

Server

metadata: name: my-tls-ingress spec: - selector: - app: my-tls-ingress-gateway + workloadSelector: + labels: + app: my-tls-ingress-gateway servers: - port: number: 443 @@ -2943,186 +3060,6 @@

Server.TLSOptions.TLSmode

their respective endpoints. Use of this mode assumes that both the source and the destination are using Istio mTLS to secure traffic.

- - - -
FieldTypeDescription
namestring +

An arbitrary name associated with the listener used for emitting metrics.

+ +
bindAddressstring +

The ip:port or the unix domain socket to which the listener should be +bound to. Format: tcp://x.x.x.x:yyyy or unix:///path/to/uds or +unix://@foobar (Linux abstract namespace). To bind to any IP with +specific port, use tcp://0.0.0.0:

+ +
bindToPortbool +

When the bind address is an IP:port, the bindToPort option dictates +whether or not the sidecar should bind its listener socket to the +specified port. Set bindToPort to false (default) if application +traffic entering/leaving a pod/VM is captured automatically through +iptables redirection and forwarded to the sidecar on a specific port +(see proxyListenPort in the global MeshConfig). When not using +iptables for traffic capture, set bindToPort to true to force the +sidecar to bind to the specified port. Note that the binding might +fail if the application workload is already bound to the same port.

+ +
protocolstring +

The protocol associated with this listener. +MUST BE one of HTTP|TCP|TLS|MONGO. +TLS implies the connection will be routed based on the SNI header. +HTTP implies HTTP 1.1/HTTP 2/gRPC

+ +
hostsstring[] +

One or more hosts (HTTP or SNI) exposed by the listener in +namespace/dnsName format. Hosts will be ignored for ingress +servers. For egress servers, the hosts field results in importing +one or more publicly scoped services and VirtualServices from remote +namespaces. The service in a namespace can be a service in the service +registry (e.g., a kubernetes or cloud foundry service) or a service +specified via ServiceEntry configuration. In addition, any publicly +scoped DestinationRule associated with the imported services will also +be imported.

+ +

Set the namespace to * to import a particular service from any +available namespace (e.g., “*/foo.example.com”). Set the dnsName field +to * to import all services from the specified namespace (e.g., +“prod/”). Wildcard DNS names can be used to import a specific set of +services from the specified namespace (e.g., “prod/.example.com”).

+ +

NOTE: Only exported services and configuration artifacts from a +namespace can be imported. Private services/configuration will not be +imported. Refer to the scope setting associated with VirtualService, +DestinationRule, ServiceEntry, etc. for details.

+ +
defaultEndpointstring +

The IP endpoint or unix domain socket to which traffic should be +forwarded to by default. In the context of an ingress server, this +configuration can be used to redirect traffic arriving at the bind +point on the sidecar to a port or unix domain socket where the +application workload is listening for connections. Format should be +tcp://127.0.0.1:PORT or unix:///path/to/socket

+
-
-

ServiceDependency

-
-

ServiceDependency describes the set of services that a workload depends on -for its operation. In other words, it describes the properties of -outgoing traffic from a given workload. By default, the service mesh -established by Istio will have a full mesh connectivity - i.e. every -workload will have proxy configuration required to reach every other -workload in the mesh. However most connectivity graphs are sparse in -practice. The ServiceDependency provides a way to declare the service -dependencies associated with each workload such that the amount of -configuration sent to the sidecars can be scoped to the requisite -dependencies.

- -

Services and configuration in a mesh are organized into one or more -namespaces (e.g., a Kubernetes namespace or a CF org/space). Workloads -in a namespace have an implicit dependency on other workloads in the -same namespace. In addition, to declare dependencies on workloads in -other namespaces, a ServiceDependency resource has to be specified in the -current namespace. Each namespace MUST have only one ServiceDependency -resource named “default”. The behavior of the system is undefined if -more than one ServiceDependency resource exists in a given namespace. The set -of dependencies specified in a ServiceDependency resource will be used to -compute the sidecar configuration for every workload in the namespace.

- -

NOTE 1: If workloads in the mesh depend only on other workloads in the -same namespace, set defaultServiceDependency.importMode to SAME_NAMESPACE -in the mesh global config map (in values.yaml).

- -

NOTE 2: To facilitate incremental pruning of the the sidecar -configuration, the default import mode for the mesh is set to -ALL_NAMESPACES. In other words, every workload will be able to reach -every other workload. Adding a ServiceDependency resource in a namespace will -automatically prune the configuration for the workloads in that -namespace.

- -

The following examples illustrate a few specific use cases of ServiceDependency.

- -

The example below delcares a ServiceDependency resource in the prod-us1 -namespace that specifies that workloads in the namespace will be able to -reach the services in the prod-apis namespace only.

- -
apiVersion: networking.istio.io/v1alpha3
-kind: ServiceDependency
-metadata:
-  name: default
-  namespace: prod-us1
-spec:
-  dependencies:
-  - imports:
-    - namespace: prod-apis
-
- -

In a mesh where the default service dependency is set to SAME_NAMESPACE -only, if one or more workloads need to be able to reach every other -service in the mesh (e.g., metrics collection server), the following -ServiceDependency resource can be used to specify such a dependency:

- -
apiVersion: networking.istio.io/v1alpha3
-kind: ServiceDependency
-metadata:
-  name: default
-  namespace: metrics-collection
-spec:
-  dependencies:
-  - imports:
-    - namespace: '*'
-
- -

The configuration above will allow workloads in the metrics-collection -namespace to access service in any namespace while workloads in other -namespaces will be configured for namespace local access as per the -global default service dependency (SAME_NAMESPACE).

- - - - - - - - - - - - - - - - -
FieldTypeDescription
dependenciesServiceDependency.Dependency[] -

REQUIRED. The set of services that workloads in this namespace are -expected to talk to, in addition to other workloads in the same -namespace. Dependencies describe the properties of outbound traffic from -a given workload.

- -
-
-

ServiceDependency.Dependency

-
-

Dependency describes a workload and the set of service dependencies -for the workload.

- - - - - - - - - - - - - - - - -
FieldTypeDescription
importsServiceDependency.Import[] -

REQUIRED: Import describes the set of namespaces whose exported -services will be accessed by the workloads selected by the -sourceWorkloadLabels. The sidecars attached to the workloads will be -configured with information required to reach other services in the -same namespace and the imported services. In addition to the -explicitly specified namespaces, namespaces specified in the global -mesh config (through defaultServiceDependency.importNamespaces) will also be -imported.

- -
-
-

ServiceDependency.Import

-
-

Import describes the set of namespaces whose exported services -(real/virtual) will be accessed by workloads in a given namespace. The -sidecars attached to the workloads will be configured with information -required to reach the imported services only. The gateways in the -current namespace will only honor imported VirtualServices instead of -every VirtualService that binds itself to the gateway.

- -

Importing a service from a namespace will automatically import the -exported configuration artifacts associated with the service, such as -VirtualService, DestinationRule, etc. The service in a namespace can be -a service in the service registry (e.g., a kubernetes or cloud foundry -service) or a service specified via ServiceEntry configuration.

- -

NOTE: Only exported services and configuration artifacts from a -namespace can be imported. Private services/configuration will not be -imported. See the scope setting associated with VirtualService, -DestinationRule, ServiceEntry, etc.

- - - - - - - - - - - - - - - - - - - @@ -3663,6 +3600,116 @@

ServiceEntry.Resolution

the destination IP address. DNS resolution cannot be used with unix domain socket endpoints.

+ + + +
FieldTypeDescription
namespacestring -

The configuration namespace whose services need to be imported. -Specify * to import all namespaces. The import can be scoped further -by specifying individual hosts.

- -
hoststring -

A FQDN or wildcard prefixed DNS name of the host to import from the -specified namespace. The hostnames include names of services from the -service registry as well as those specified in a VirtualService.

-
+
+

Sidecar

+
+

Sidecar describes the describes the configuration of the sidecar proxy +that mediates inbound and outbound communication to the workload it is +attached to. By default, Istio will program all sidecar proxies in the +mesh with the necessary configuration required to reach every workload +in the mesh, as well as accept traffic on all the ports associated with +the workload. The Sidecar resource provides a way to fine tune the set +of ports, protocols that the proxy will accept when forwarding traffic +to and from the workload. In addition, it is possible to restrict the +set of services that the proxy can reach when forwarding outbound +traffic from the workload.

+ +

Services and configuration in a mesh are organized into one or more +namespaces (e.g., a Kubernetes namespace or a CF org/space). A Sidecar +resource in a namespace will apply to all workloads in the namespace. +Currently, each namespace should have only one Sidecar resource named +“default”. The behavior of the system is undefined if more than one +Sidecar resource exists in a given namespace.

+ +

The example below delcares a Sidecar resource in the prod-us1 namespace +that configures the sidecar to proxy egress traffic for services in the +prod-us1 and prod-apis namespaces, and the policy and telemetry service +(if enabled) in the istio-system namespace.

+ +
apiVersion: networking.istio.io/v1alpha3
+kind: Sidecar
+metadata:
+  name: default
+  namespace: prod-us1
+spec:
+  egress:
+  - hosts:
+    - "prod-us1/*"
+    - "prod-apis/*"
+    - "istio-system/*"
+
+ +

The example below delcares a Sidecar resource in the prod-us1 namespace +that accepts inbound HTTP traffic on port 10.10.10.10:9080 and forwards +it to the attached workload listening on a unix domain socket. In the +egress direction, in addition to the istio-system namespace, the sidecar +proxies only HTTP traffic bound for port 9080 for services in the +prod-us1 namespace.

+ +
apiVersion: networking.istio.io/v1alpha3
+kind: Sidecar
+metadata:
+  name: default
+  namespace: prod-us1
+spec:
+  ingress:
+  - bind: tcp://10.10.10.10:9080
+    protocol: HTTP
+    defaultEndpoint: unix:///var/run/someuds.sock
+  egress:
+  - hosts:
+    - "istio-system/*"
+  - bind: tcp://0.0.0.0:9080
+    protocol: HTTP
+    hosts:
+    - "prod-us1/*"
+
+ + + + + + + + + + + + + + + + + + + + + + + + @@ -4433,3 +4480,42 @@

VirtualService

FieldTypeDescription
workloadSelectorWorkloadSelector +

Criteria used to select the specific set of pods/VMs on which this +sidecar configuration should be applied. If omitted, the sidecar +configuration will be applied to all workloads in the current config +namespace.

+ +
ingressIstioListener[] +

Ingress specifies the configuration of the sidecar for processing +inbound traffic to the attached workload. If omitted, Istio will +autoconfigure the sidecar based on the information about the workload +obtained from the service registry (e.g., exposed ports, services, +etc.).

+ +
egressIstioListener[] +

Egress specifies the configuration of the sidecar for processing +outbound traffic from the attached workload to other services in the +mesh. If omitted, Istio will autoconfigure the sidecar to be able to +reach every service in the mesh. etc.).

+
+

WorkloadSelector

+
+

WorkloadSelector specifies the criteria used to determine if the Gateway +or Sidecar resource can be applied to a given workload. If multiple +conditions are specified, all conditions need to match in order for the +workload to be selected.

+ + + + + + + + + + + + + + + + + + + + + +
FieldTypeDescription
labelsmap<string, string> +

One or more labels that indicate a specific set of pods/VMs on which +this gateway/sidecar configuration should be applied. The scope of +label search is restricted to the configuration namespace in which the +workload is present.

+ +
ipstring +

The IP address of the workload (as seen by Pilot) on which this +gateway/sidecar configuration should be applied.

+ +
+
diff --git a/networking/v1alpha3/sidecar.pb.go b/networking/v1alpha3/sidecar.pb.go index e8c2d80ea4..8f3eb44bf5 100644 --- a/networking/v1alpha3/sidecar.pb.go +++ b/networking/v1alpha3/sidecar.pb.go @@ -18,7 +18,7 @@ var _ = math.Inf // a namespace when the namespace is imported. By default all // configuration artifacts are public. Configurations with private scope // will not be imported when the namespace containing the configuration is -// imported in a ServiceDependency. +// imported in a Sidecar. type ConfigScope int32 const ( @@ -43,200 +43,223 @@ func (x ConfigScope) String() string { } func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{0} } -// `ServiceDependency` describes the set of services that a workload depends on -// for its operation. In other words, it describes the properties of -// outgoing traffic from a given workload. By default, the service mesh -// established by Istio will have a full mesh connectivity - i.e. every -// workload will have proxy configuration required to reach every other -// workload in the mesh. However most connectivity graphs are sparse in -// practice. The ServiceDependency provides a way to declare the service -// dependencies associated with each workload such that the amount of -// configuration sent to the sidecars can be scoped to the requisite -// dependencies. +// `Sidecar` describes the describes the configuration of the sidecar proxy +// that mediates inbound and outbound communication to the workload it is +// attached to. By default, Istio will program all sidecar proxies in the +// mesh with the necessary configuration required to reach every workload +// in the mesh, as well as accept traffic on all the ports associated with +// the workload. The Sidecar resource provides a way to fine tune the set +// of ports, protocols that the proxy will accept when forwarding traffic +// to and from the workload. In addition, it is possible to restrict the +// set of services that the proxy can reach when forwarding outbound +// traffic from the workload. // // Services and configuration in a mesh are organized into one or more -// namespaces (e.g., a Kubernetes namespace or a CF org/space). Workloads -// in a namespace have an implicit dependency on other workloads in the -// same namespace. In addition, to declare dependencies on workloads in -// other namespaces, a ServiceDependency resource has to be specified in the -// current namespace. *_Each namespace MUST have only one ServiceDependency -// resource named "default"_*. The behavior of the system is undefined if -// more than one ServiceDependency resource exists in a given namespace. The set -// of dependencies specified in a ServiceDependency resource will be used to -// compute the sidecar configuration for every workload in the namespace. +// namespaces (e.g., a Kubernetes namespace or a CF org/space). A Sidecar +// resource in a namespace will apply to all workloads in the namespace. +// *_Currently, each namespace should have only one Sidecar resource named +// "default"_*. The behavior of the system is undefined if more than one +// Sidecar resource exists in a given namespace. // -// NOTE 1: If workloads in the mesh depend only on other workloads in the -// same namespace, set defaultServiceDependency.importMode to SAME_NAMESPACE -// in the mesh global config map (in values.yaml). -// -// NOTE 2: To facilitate incremental pruning of the the sidecar -// configuration, the default import mode for the mesh is set to -// ALL_NAMESPACES. In other words, every workload will be able to reach -// every other workload. Adding a ServiceDependency resource in a namespace will -// automatically prune the configuration for the workloads in that -// namespace. -// -// The following examples illustrate a few specific use cases of ServiceDependency. -// -// The example below delcares a ServiceDependency resource in the prod-us1 -// namespace that specifies that workloads in the namespace will be able to -// reach the services in the prod-apis namespace only. +// The example below delcares a Sidecar resource in the prod-us1 namespace +// that configures the sidecar to proxy egress traffic for services in the +// prod-us1 and prod-apis namespaces, and the policy and telemetry service +// (if enabled) in the istio-system namespace. // // ```yaml // apiVersion: networking.istio.io/v1alpha3 -// kind: ServiceDependency +// kind: Sidecar // metadata: // name: default // namespace: prod-us1 // spec: -// dependencies: -// - imports: -// - namespace: prod-apis +// egress: +// - hosts: +// - "prod-us1/*" +// - "prod-apis/*" +// - "istio-system/*" // ``` // -// In a mesh where the default service dependency is set to SAME_NAMESPACE -// only, if one or more workloads need to be able to reach every other -// service in the mesh (e.g., metrics collection server), the following -// ServiceDependency resource can be used to specify such a dependency: +// The example below delcares a Sidecar resource in the prod-us1 namespace +// that accepts inbound HTTP traffic on port 10.10.10.10:9080 and forwards +// it to the attached workload listening on a unix domain socket. In the +// egress direction, in addition to the istio-system namespace, the sidecar +// proxies only HTTP traffic bound for port 9080 for services in the +// prod-us1 namespace. // // ```yaml // apiVersion: networking.istio.io/v1alpha3 -// kind: ServiceDependency +// kind: Sidecar // metadata: // name: default -// namespace: metrics-collection +// namespace: prod-us1 // spec: -// dependencies: -// - imports: -// - namespace: '*' +// ingress: +// - bind: tcp://10.10.10.10:9080 +// protocol: HTTP +// defaultEndpoint: unix:///var/run/someuds.sock +// egress: +// - hosts: +// - "istio-system/*" +// - bind: tcp://0.0.0.0:9080 +// protocol: HTTP +// hosts: +// - "prod-us1/*" // ``` // -// The configuration above will allow workloads in the metrics-collection -// namespace to access service in any namespace while workloads in other -// namespaces will be configured for namespace local access as per the -// global default service dependency (SAME_NAMESPACE). -// -type ServiceDependency struct { - // REQUIRED. The set of services that workloads in this namespace are - // expected to talk to, in addition to other workloads in the same - // namespace. Dependencies describe the properties of outbound traffic from - // a given workload. - Dependencies []*ServiceDependency_Dependency `protobuf:"bytes,1,rep,name=dependencies" json:"dependencies,omitempty"` +type Sidecar struct { + // Criteria used to select the specific set of pods/VMs on which this + // sidecar configuration should be applied. If omitted, the sidecar + // configuration will be applied to all workloads in the current config + // namespace. + WorkloadSelector *WorkloadSelector `protobuf:"bytes,1,opt,name=workload_selector,json=workloadSelector" json:"workload_selector,omitempty"` + // Ingress specifies the configuration of the sidecar for processing + // inbound traffic to the attached workload. If omitted, Istio will + // autoconfigure the sidecar based on the information about the workload + // obtained from the service registry (e.g., exposed ports, services, + // etc.). + Ingress []*IstioListener `protobuf:"bytes,2,rep,name=ingress" json:"ingress,omitempty"` + // Egress specifies the configuration of the sidecar for processing + // outbound traffic from the attached workload to other services in the + // mesh. If omitted, Istio will autoconfigure the sidecar to be able to + // reach every service in the mesh. etc.). + Egress []*IstioListener `protobuf:"bytes,3,rep,name=egress" json:"egress,omitempty"` } -func (m *ServiceDependency) Reset() { *m = ServiceDependency{} } -func (m *ServiceDependency) String() string { return proto.CompactTextString(m) } -func (*ServiceDependency) ProtoMessage() {} -func (*ServiceDependency) Descriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{0} } +func (m *Sidecar) Reset() { *m = Sidecar{} } +func (m *Sidecar) String() string { return proto.CompactTextString(m) } +func (*Sidecar) ProtoMessage() {} +func (*Sidecar) Descriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{0} } -func (m *ServiceDependency) GetDependencies() []*ServiceDependency_Dependency { +func (m *Sidecar) GetWorkloadSelector() *WorkloadSelector { if m != nil { - return m.Dependencies + return m.WorkloadSelector } return nil } -// Import describes the set of namespaces whose exported services -// (real/virtual) will be accessed by workloads in a given namespace. The -// sidecars attached to the workloads will be configured with information -// required to reach the imported services only. The gateways in the -// current namespace will only honor imported VirtualServices instead of -// every VirtualService that binds itself to the gateway. -// -// Importing a service from a namespace will automatically import the -// exported configuration artifacts associated with the service, such as -// VirtualService, DestinationRule, etc. The service in a namespace can be -// a service in the service registry (e.g., a kubernetes or cloud foundry -// service) or a service specified via ServiceEntry configuration. -// -// NOTE: Only exported services and configuration artifacts from a -// namespace can be imported. Private services/configuration will not be -// imported. See the scope setting associated with VirtualService, -// DestinationRule, ServiceEntry, etc. -type ServiceDependency_Import struct { - // The configuration namespace whose services need to be imported. - // Specify * to import all namespaces. The import can be scoped further - // by specifying individual hosts. - Namespace string `protobuf:"bytes,1,opt,name=namespace,proto3" json:"namespace,omitempty"` - // A FQDN or wildcard prefixed DNS name of the host to import from the - // specified namespace. The hostnames include names of services from the - // service registry as well as those specified in a VirtualService. - Host string `protobuf:"bytes,2,opt,name=host,proto3" json:"host,omitempty"` +func (m *Sidecar) GetIngress() []*IstioListener { + if m != nil { + return m.Ingress + } + return nil +} + +func (m *Sidecar) GetEgress() []*IstioListener { + if m != nil { + return m.Egress + } + return nil } -func (m *ServiceDependency_Import) Reset() { *m = ServiceDependency_Import{} } -func (m *ServiceDependency_Import) String() string { return proto.CompactTextString(m) } -func (*ServiceDependency_Import) ProtoMessage() {} -func (*ServiceDependency_Import) Descriptor() ([]byte, []int) { - return fileDescriptorSidecar, []int{0, 0} +// IstioListener specifies the properties of a single listener on the +// sidecar proxy attached to a workload. +type IstioListener struct { + // An arbitrary name associated with the listener used for emitting metrics. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // The ip:port or the unix domain socket to which the listener should be + // bound to. Format: tcp://x.x.x.x:yyyy or unix:///path/to/uds or + // unix://@foobar (Linux abstract namespace). To bind to any IP with + // specific port, use tcp://0.0.0.0: + BindAddress string `protobuf:"bytes,2,opt,name=bind_address,json=bindAddress,proto3" json:"bind_address,omitempty"` + // When the bind address is an IP:port, the bindToPort option dictates + // whether or not the sidecar should bind its listener socket to the + // specified port. Set bindToPort to false (default) if application + // traffic entering/leaving a pod/VM is captured automatically through + // iptables redirection and forwarded to the sidecar on a specific port + // (see proxyListenPort in the global MeshConfig). When not using + // iptables for traffic capture, set bindToPort to true to force the + // sidecar to bind to the specified port. Note that the binding might + // fail if the application workload is already bound to the same port. + BindToPort bool `protobuf:"varint,3,opt,name=bind_to_port,json=bindToPort,proto3" json:"bind_to_port,omitempty"` + // The protocol associated with this listener. + // MUST BE one of HTTP|TCP|TLS|MONGO. + // TLS implies the connection will be routed based on the SNI header. + // HTTP implies HTTP 1.1/HTTP 2/gRPC + Protocol string `protobuf:"bytes,4,opt,name=protocol,proto3" json:"protocol,omitempty"` + // One or more hosts (HTTP or SNI) exposed by the listener in + // namespace/dnsName format. _*Hosts will be ignored for ingress + // servers*_. For egress servers, the hosts field results in importing + // one or more publicly scoped services and VirtualServices from remote + // namespaces. The service in a namespace can be a service in the service + // registry (e.g., a kubernetes or cloud foundry service) or a service + // specified via ServiceEntry configuration. In addition, any publicly + // scoped DestinationRule associated with the imported services will also + // be imported. + // + // Set the namespace to * to import a particular service from any + // available namespace (e.g., "*/foo.example.com"). Set the dnsName field + // to * to import all services from the specified namespace (e.g., + // "prod/*"). Wildcard DNS names can be used to import a specific set of + // services from the specified namespace (e.g., "prod/*.example.com"). + // + // NOTE: Only exported services and configuration artifacts from a + // namespace can be imported. Private services/configuration will not be + // imported. Refer to the scope setting associated with VirtualService, + // DestinationRule, ServiceEntry, etc. for details. + Hosts []string `protobuf:"bytes,5,rep,name=hosts" json:"hosts,omitempty"` + // The IP endpoint or unix domain socket to which traffic should be + // forwarded to by default. In the context of an ingress server, this + // configuration can be used to redirect traffic arriving at the bind + // point on the sidecar to a port or unix domain socket where the + // application workload is listening for connections. Format should be + // tcp://127.0.0.1:PORT or unix:///path/to/socket + DefaultEndpoint string `protobuf:"bytes,6,opt,name=default_endpoint,json=defaultEndpoint,proto3" json:"default_endpoint,omitempty"` } -func (m *ServiceDependency_Import) GetNamespace() string { +func (m *IstioListener) Reset() { *m = IstioListener{} } +func (m *IstioListener) String() string { return proto.CompactTextString(m) } +func (*IstioListener) ProtoMessage() {} +func (*IstioListener) Descriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{1} } + +func (m *IstioListener) GetName() string { if m != nil { - return m.Namespace + return m.Name } return "" } -func (m *ServiceDependency_Import) GetHost() string { +func (m *IstioListener) GetBindAddress() string { if m != nil { - return m.Host + return m.BindAddress } return "" } -// Dependency describes a workload and the set of service dependencies -// for the workload. -type ServiceDependency_Dependency struct { - // [#not-implemented-hide:] - // One or more labels that indicate a specific set of pods/VMs on which - // this dependency configuration should be applied. The scope of label - // search is platform dependent. On Kubernetes, for example, the scope - // includes pods running in the namespace in which the ServiceDependency - // resource is present. If the sourceWorkloadLabels are omitted, the - // imports specified will be applicable to all workloads in the current - // configuration namespace. - // NOTE: source_workload_labels are currently not supported. - SourceWorkloadLabels map[string]string `protobuf:"bytes,1,rep,name=source_workload_labels,json=sourceWorkloadLabels" json:"source_workload_labels,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - // REQUIRED: Import describes the set of namespaces whose exported - // services will be accessed by the workloads selected by the - // sourceWorkloadLabels. The sidecars attached to the workloads will be - // configured with information required to reach other services in the - // same namespace and the imported services. In addition to the - // explicitly specified namespaces, namespaces specified in the global - // mesh config (through defaultServiceDependency.importNamespaces) will also be - // imported. - Imports []*ServiceDependency_Import `protobuf:"bytes,2,rep,name=imports" json:"imports,omitempty"` +func (m *IstioListener) GetBindToPort() bool { + if m != nil { + return m.BindToPort + } + return false } -func (m *ServiceDependency_Dependency) Reset() { *m = ServiceDependency_Dependency{} } -func (m *ServiceDependency_Dependency) String() string { return proto.CompactTextString(m) } -func (*ServiceDependency_Dependency) ProtoMessage() {} -func (*ServiceDependency_Dependency) Descriptor() ([]byte, []int) { - return fileDescriptorSidecar, []int{0, 1} +func (m *IstioListener) GetProtocol() string { + if m != nil { + return m.Protocol + } + return "" } -func (m *ServiceDependency_Dependency) GetSourceWorkloadLabels() map[string]string { +func (m *IstioListener) GetHosts() []string { if m != nil { - return m.SourceWorkloadLabels + return m.Hosts } return nil } -func (m *ServiceDependency_Dependency) GetImports() []*ServiceDependency_Import { +func (m *IstioListener) GetDefaultEndpoint() string { if m != nil { - return m.Imports + return m.DefaultEndpoint } - return nil + return "" } func init() { - proto.RegisterType((*ServiceDependency)(nil), "istio.networking.v1alpha3.ServiceDependency") - proto.RegisterType((*ServiceDependency_Import)(nil), "istio.networking.v1alpha3.ServiceDependency.Import") - proto.RegisterType((*ServiceDependency_Dependency)(nil), "istio.networking.v1alpha3.ServiceDependency.Dependency") + proto.RegisterType((*Sidecar)(nil), "istio.networking.v1alpha3.Sidecar") + proto.RegisterType((*IstioListener)(nil), "istio.networking.v1alpha3.IstioListener") proto.RegisterEnum("istio.networking.v1alpha3.ConfigScope", ConfigScope_name, ConfigScope_value) } -func (m *ServiceDependency) Marshal() (dAtA []byte, err error) { +func (m *Sidecar) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) n, err := m.MarshalTo(dAtA) @@ -246,14 +269,36 @@ func (m *ServiceDependency) Marshal() (dAtA []byte, err error) { return dAtA[:n], nil } -func (m *ServiceDependency) MarshalTo(dAtA []byte) (int, error) { +func (m *Sidecar) MarshalTo(dAtA []byte) (int, error) { var i int _ = i var l int _ = l - if len(m.Dependencies) > 0 { - for _, msg := range m.Dependencies { - dAtA[i] = 0xa + if m.WorkloadSelector != nil { + dAtA[i] = 0xa + i++ + i = encodeVarintSidecar(dAtA, i, uint64(m.WorkloadSelector.Size())) + n1, err := m.WorkloadSelector.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n1 + } + if len(m.Ingress) > 0 { + for _, msg := range m.Ingress { + dAtA[i] = 0x12 + i++ + i = encodeVarintSidecar(dAtA, i, uint64(msg.Size())) + n, err := msg.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n + } + } + if len(m.Egress) > 0 { + for _, msg := range m.Egress { + dAtA[i] = 0x1a i++ i = encodeVarintSidecar(dAtA, i, uint64(msg.Size())) n, err := msg.MarshalTo(dAtA[i:]) @@ -266,7 +311,7 @@ func (m *ServiceDependency) MarshalTo(dAtA []byte) (int, error) { return i, nil } -func (m *ServiceDependency_Import) Marshal() (dAtA []byte, err error) { +func (m *IstioListener) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) n, err := m.MarshalTo(dAtA) @@ -276,70 +321,60 @@ func (m *ServiceDependency_Import) Marshal() (dAtA []byte, err error) { return dAtA[:n], nil } -func (m *ServiceDependency_Import) MarshalTo(dAtA []byte) (int, error) { +func (m *IstioListener) MarshalTo(dAtA []byte) (int, error) { var i int _ = i var l int _ = l - if len(m.Namespace) > 0 { + if len(m.Name) > 0 { dAtA[i] = 0xa i++ - i = encodeVarintSidecar(dAtA, i, uint64(len(m.Namespace))) - i += copy(dAtA[i:], m.Namespace) + i = encodeVarintSidecar(dAtA, i, uint64(len(m.Name))) + i += copy(dAtA[i:], m.Name) } - if len(m.Host) > 0 { + if len(m.BindAddress) > 0 { dAtA[i] = 0x12 i++ - i = encodeVarintSidecar(dAtA, i, uint64(len(m.Host))) - i += copy(dAtA[i:], m.Host) + i = encodeVarintSidecar(dAtA, i, uint64(len(m.BindAddress))) + i += copy(dAtA[i:], m.BindAddress) } - return i, nil -} - -func (m *ServiceDependency_Dependency) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *ServiceDependency_Dependency) MarshalTo(dAtA []byte) (int, error) { - var i int - _ = i - var l int - _ = l - if len(m.SourceWorkloadLabels) > 0 { - for k, _ := range m.SourceWorkloadLabels { - dAtA[i] = 0xa - i++ - v := m.SourceWorkloadLabels[k] - mapSize := 1 + len(k) + sovSidecar(uint64(len(k))) + 1 + len(v) + sovSidecar(uint64(len(v))) - i = encodeVarintSidecar(dAtA, i, uint64(mapSize)) - dAtA[i] = 0xa - i++ - i = encodeVarintSidecar(dAtA, i, uint64(len(k))) - i += copy(dAtA[i:], k) - dAtA[i] = 0x12 - i++ - i = encodeVarintSidecar(dAtA, i, uint64(len(v))) - i += copy(dAtA[i:], v) + if m.BindToPort { + dAtA[i] = 0x18 + i++ + if m.BindToPort { + dAtA[i] = 1 + } else { + dAtA[i] = 0 } + i++ } - if len(m.Imports) > 0 { - for _, msg := range m.Imports { - dAtA[i] = 0x12 + if len(m.Protocol) > 0 { + dAtA[i] = 0x22 + i++ + i = encodeVarintSidecar(dAtA, i, uint64(len(m.Protocol))) + i += copy(dAtA[i:], m.Protocol) + } + if len(m.Hosts) > 0 { + for _, s := range m.Hosts { + dAtA[i] = 0x2a i++ - i = encodeVarintSidecar(dAtA, i, uint64(msg.Size())) - n, err := msg.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err + l = len(s) + for l >= 1<<7 { + dAtA[i] = uint8(uint64(l)&0x7f | 0x80) + l >>= 7 + i++ } - i += n + dAtA[i] = uint8(l) + i++ + i += copy(dAtA[i:], s) } } + if len(m.DefaultEndpoint) > 0 { + dAtA[i] = 0x32 + i++ + i = encodeVarintSidecar(dAtA, i, uint64(len(m.DefaultEndpoint))) + i += copy(dAtA[i:], m.DefaultEndpoint) + } return i, nil } @@ -352,11 +387,21 @@ func encodeVarintSidecar(dAtA []byte, offset int, v uint64) int { dAtA[offset] = uint8(v) return offset + 1 } -func (m *ServiceDependency) Size() (n int) { +func (m *Sidecar) Size() (n int) { var l int _ = l - if len(m.Dependencies) > 0 { - for _, e := range m.Dependencies { + if m.WorkloadSelector != nil { + l = m.WorkloadSelector.Size() + n += 1 + l + sovSidecar(uint64(l)) + } + if len(m.Ingress) > 0 { + for _, e := range m.Ingress { + l = e.Size() + n += 1 + l + sovSidecar(uint64(l)) + } + } + if len(m.Egress) > 0 { + for _, e := range m.Egress { l = e.Size() n += 1 + l + sovSidecar(uint64(l)) } @@ -364,37 +409,34 @@ func (m *ServiceDependency) Size() (n int) { return n } -func (m *ServiceDependency_Import) Size() (n int) { +func (m *IstioListener) Size() (n int) { var l int _ = l - l = len(m.Namespace) + l = len(m.Name) if l > 0 { n += 1 + l + sovSidecar(uint64(l)) } - l = len(m.Host) + l = len(m.BindAddress) if l > 0 { n += 1 + l + sovSidecar(uint64(l)) } - return n -} - -func (m *ServiceDependency_Dependency) Size() (n int) { - var l int - _ = l - if len(m.SourceWorkloadLabels) > 0 { - for k, v := range m.SourceWorkloadLabels { - _ = k - _ = v - mapEntrySize := 1 + len(k) + sovSidecar(uint64(len(k))) + 1 + len(v) + sovSidecar(uint64(len(v))) - n += mapEntrySize + 1 + sovSidecar(uint64(mapEntrySize)) - } + if m.BindToPort { + n += 2 } - if len(m.Imports) > 0 { - for _, e := range m.Imports { - l = e.Size() + l = len(m.Protocol) + if l > 0 { + n += 1 + l + sovSidecar(uint64(l)) + } + if len(m.Hosts) > 0 { + for _, s := range m.Hosts { + l = len(s) n += 1 + l + sovSidecar(uint64(l)) } } + l = len(m.DefaultEndpoint) + if l > 0 { + n += 1 + l + sovSidecar(uint64(l)) + } return n } @@ -411,7 +453,7 @@ func sovSidecar(x uint64) (n int) { func sozSidecar(x uint64) (n int) { return sovSidecar(uint64((x << 1) ^ uint64((int64(x) >> 63)))) } -func (m *ServiceDependency) Unmarshal(dAtA []byte) error { +func (m *Sidecar) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 for iNdEx < l { @@ -434,15 +476,15 @@ func (m *ServiceDependency) Unmarshal(dAtA []byte) error { fieldNum := int32(wire >> 3) wireType := int(wire & 0x7) if wireType == 4 { - return fmt.Errorf("proto: ServiceDependency: wiretype end group for non-group") + return fmt.Errorf("proto: Sidecar: wiretype end group for non-group") } if fieldNum <= 0 { - return fmt.Errorf("proto: ServiceDependency: illegal tag %d (wire type %d)", fieldNum, wire) + return fmt.Errorf("proto: Sidecar: illegal tag %d (wire type %d)", fieldNum, wire) } switch fieldNum { case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Dependencies", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field WorkloadSelector", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -466,8 +508,72 @@ func (m *ServiceDependency) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.Dependencies = append(m.Dependencies, &ServiceDependency_Dependency{}) - if err := m.Dependencies[len(m.Dependencies)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + if m.WorkloadSelector == nil { + m.WorkloadSelector = &WorkloadSelector{} + } + if err := m.WorkloadSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Ingress", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowSidecar + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthSidecar + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Ingress = append(m.Ingress, &IstioListener{}) + if err := m.Ingress[len(m.Ingress)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Egress", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowSidecar + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthSidecar + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Egress = append(m.Egress, &IstioListener{}) + if err := m.Egress[len(m.Egress)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } iNdEx = postIndex @@ -492,7 +598,7 @@ func (m *ServiceDependency) Unmarshal(dAtA []byte) error { } return nil } -func (m *ServiceDependency_Import) Unmarshal(dAtA []byte) error { +func (m *IstioListener) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 for iNdEx < l { @@ -515,15 +621,15 @@ func (m *ServiceDependency_Import) Unmarshal(dAtA []byte) error { fieldNum := int32(wire >> 3) wireType := int(wire & 0x7) if wireType == 4 { - return fmt.Errorf("proto: Import: wiretype end group for non-group") + return fmt.Errorf("proto: IstioListener: wiretype end group for non-group") } if fieldNum <= 0 { - return fmt.Errorf("proto: Import: illegal tag %d (wire type %d)", fieldNum, wire) + return fmt.Errorf("proto: IstioListener: illegal tag %d (wire type %d)", fieldNum, wire) } switch fieldNum { case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Namespace", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) } var stringLen uint64 for shift := uint(0); ; shift += 7 { @@ -548,11 +654,11 @@ func (m *ServiceDependency_Import) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.Namespace = string(dAtA[iNdEx:postIndex]) + m.Name = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex case 2: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Host", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field BindAddress", wireType) } var stringLen uint64 for shift := uint(0); ; shift += 7 { @@ -577,63 +683,33 @@ func (m *ServiceDependency_Import) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.Host = string(dAtA[iNdEx:postIndex]) + m.BindAddress = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipSidecar(dAtA[iNdEx:]) - if err != nil { - return err - } - if skippy < 0 { - return ErrInvalidLengthSidecar - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowSidecar - } - if iNdEx >= l { - return io.ErrUnexpectedEOF + case 3: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field BindToPort", wireType) } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break + var v int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowSidecar + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Dependency: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Dependency: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: + m.BindToPort = bool(v != 0) + case 4: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field SourceWorkloadLabels", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Protocol", wireType) } - var msglen int + var stringLen uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowSidecar @@ -643,115 +719,55 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - msglen |= (int(b) & 0x7F) << shift + stringLen |= (uint64(b) & 0x7F) << shift if b < 0x80 { break } } - if msglen < 0 { + intStringLen := int(stringLen) + if intStringLen < 0 { return ErrInvalidLengthSidecar } - postIndex := iNdEx + msglen + postIndex := iNdEx + intStringLen if postIndex > l { return io.ErrUnexpectedEOF } - if m.SourceWorkloadLabels == nil { - m.SourceWorkloadLabels = make(map[string]string) + m.Protocol = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 5: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Hosts", wireType) } - var mapkey string - var mapvalue string - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowSidecar - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowSidecar } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowSidecar - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLengthSidecar - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var stringLenmapvalue uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowSidecar - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapvalue |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapvalue := int(stringLenmapvalue) - if intStringLenmapvalue < 0 { - return ErrInvalidLengthSidecar - } - postStringIndexmapvalue := iNdEx + intStringLenmapvalue - if postStringIndexmapvalue > l { - return io.ErrUnexpectedEOF - } - mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) - iNdEx = postStringIndexmapvalue - } else { - iNdEx = entryPreIndex - skippy, err := skipSidecar(dAtA[iNdEx:]) - if err != nil { - return err - } - if skippy < 0 { - return ErrInvalidLengthSidecar - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy + if iNdEx >= l { + return io.ErrUnexpectedEOF } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthSidecar } - m.SourceWorkloadLabels[mapkey] = mapvalue + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Hosts = append(m.Hosts, string(dAtA[iNdEx:postIndex])) iNdEx = postIndex - case 2: + case 6: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Imports", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field DefaultEndpoint", wireType) } - var msglen int + var stringLen uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowSidecar @@ -761,22 +777,20 @@ func (m *ServiceDependency_Dependency) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - msglen |= (int(b) & 0x7F) << shift + stringLen |= (uint64(b) & 0x7F) << shift if b < 0x80 { break } } - if msglen < 0 { + intStringLen := int(stringLen) + if intStringLen < 0 { return ErrInvalidLengthSidecar } - postIndex := iNdEx + msglen + postIndex := iNdEx + intStringLen if postIndex > l { return io.ErrUnexpectedEOF } - m.Imports = append(m.Imports, &ServiceDependency_Import{}) - if err := m.Imports[len(m.Imports)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } + m.DefaultEndpoint = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex default: iNdEx = preIndex @@ -907,28 +921,29 @@ var ( func init() { proto.RegisterFile("networking/v1alpha3/sidecar.proto", fileDescriptorSidecar) } var fileDescriptorSidecar = []byte{ - // 356 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x92, 0xdf, 0x4a, 0x32, 0x41, - 0x14, 0xc0, 0xbf, 0x59, 0xbf, 0x4f, 0xf1, 0xf8, 0x5d, 0xd8, 0x20, 0xb1, 0x4a, 0x88, 0x75, 0x11, - 0xd2, 0xc5, 0x2c, 0xe5, 0x45, 0xe1, 0x5d, 0x9a, 0x84, 0x60, 0x60, 0x6b, 0x7f, 0xa0, 0x2e, 0x64, - 0xdc, 0x3d, 0xe9, 0xe0, 0xba, 0xb3, 0xec, 0xac, 0x86, 0x4f, 0xd0, 0xdb, 0xf4, 0x1c, 0x5d, 0xf6, - 0x02, 0x41, 0xf8, 0x24, 0xe1, 0xe8, 0x62, 0x91, 0x5e, 0xd4, 0xdd, 0x39, 0x73, 0x0e, 0xbf, 0xf3, - 0x9b, 0xc3, 0x81, 0x5d, 0x1f, 0xa3, 0x47, 0x19, 0x0e, 0x85, 0xdf, 0xb7, 0x26, 0x87, 0xdc, 0x0b, - 0x06, 0xbc, 0x62, 0x29, 0xe1, 0xa2, 0xc3, 0x43, 0x16, 0x84, 0x32, 0x92, 0x34, 0x2f, 0x54, 0x24, - 0x24, 0x5b, 0x35, 0xb2, 0xb8, 0x71, 0xef, 0x2d, 0x01, 0x5b, 0x1d, 0x0c, 0x27, 0xc2, 0xc1, 0x33, - 0x0c, 0xd0, 0x77, 0xd1, 0x77, 0xa6, 0xf4, 0x1e, 0xfe, 0xbb, 0x71, 0x26, 0x50, 0x99, 0xa4, 0x94, - 0x28, 0x67, 0x8e, 0x8e, 0xd9, 0x46, 0x0e, 0xfb, 0xc6, 0x60, 0xab, 0xd0, 0xfe, 0x02, 0x2b, 0x54, - 0x21, 0xd9, 0x1c, 0x05, 0x32, 0x8c, 0xe8, 0x0e, 0xa4, 0x7d, 0x3e, 0x42, 0x15, 0x70, 0x07, 0x4d, - 0x52, 0x22, 0xe5, 0xb4, 0xbd, 0x7a, 0xa0, 0x14, 0xfe, 0x0e, 0xa4, 0x8a, 0x4c, 0x43, 0x17, 0x74, - 0x5c, 0x78, 0x36, 0x00, 0x3e, 0x79, 0x3e, 0x11, 0xd8, 0x56, 0x72, 0x1c, 0x3a, 0xd8, 0x9d, 0x1b, - 0x79, 0x92, 0xbb, 0x5d, 0x8f, 0xf7, 0xd0, 0x8b, 0x95, 0x2f, 0x7f, 0xa9, 0xcc, 0x3a, 0x9a, 0x7a, - 0xbb, 0x84, 0xb6, 0x34, 0xb3, 0xe1, 0x47, 0xe1, 0xd4, 0xce, 0xa9, 0x35, 0x25, 0x7a, 0x01, 0x29, - 0xa1, 0x3f, 0xa5, 0x4c, 0x43, 0x4f, 0xae, 0xfc, 0x68, 0xf2, 0x62, 0x21, 0x76, 0xcc, 0x28, 0x9c, - 0x43, 0x7e, 0xa3, 0x01, 0xcd, 0x42, 0x62, 0x88, 0xd3, 0xe5, 0xc2, 0xe6, 0x21, 0xcd, 0xc1, 0xbf, - 0x09, 0xf7, 0xc6, 0xb8, 0xdc, 0xd5, 0x22, 0xa9, 0x1a, 0x27, 0xe4, 0x60, 0x1f, 0x32, 0x75, 0xe9, - 0x3f, 0x88, 0x7e, 0xc7, 0x91, 0x01, 0x52, 0x80, 0x64, 0xfb, 0xba, 0xd6, 0x6a, 0xd6, 0xb3, 0x7f, - 0x68, 0x06, 0x52, 0x6d, 0xbb, 0x79, 0x73, 0x7a, 0xd5, 0xc8, 0x92, 0x1a, 0x7b, 0x99, 0x15, 0xc9, - 0xeb, 0xac, 0x48, 0xde, 0x67, 0x45, 0x72, 0x57, 0x5a, 0xb8, 0x0b, 0x69, 0xf1, 0x40, 0x58, 0x6b, - 0x0e, 0xac, 0x97, 0xd4, 0x97, 0x55, 0xf9, 0x08, 0x00, 0x00, 0xff, 0xff, 0x8b, 0x5e, 0x39, 0xb5, - 0x7e, 0x02, 0x00, 0x00, + // 375 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x92, 0xcd, 0xee, 0xd2, 0x40, + 0x14, 0xc5, 0x1d, 0xfb, 0xa7, 0xc0, 0xad, 0xc6, 0x3a, 0x71, 0x51, 0x59, 0x90, 0xc2, 0xc2, 0x54, + 0x4d, 0xda, 0x08, 0x2f, 0x20, 0x10, 0x16, 0x24, 0x2c, 0x48, 0xc1, 0x8f, 0xb8, 0x69, 0x86, 0x76, + 0x28, 0x13, 0xeb, 0xdc, 0x66, 0x66, 0x94, 0xf8, 0x80, 0x26, 0x2e, 0x7d, 0x04, 0xc3, 0xce, 0xb7, + 0x30, 0xfd, 0x40, 0xa3, 0x41, 0x93, 0xff, 0x6e, 0xee, 0xb9, 0xe7, 0x77, 0xe6, 0xce, 0xcd, 0xc0, + 0x48, 0x72, 0x73, 0x42, 0xf5, 0x5e, 0xc8, 0x3c, 0xfa, 0xf4, 0x82, 0x15, 0xe5, 0x91, 0x4d, 0x23, + 0x2d, 0x32, 0x9e, 0x32, 0x15, 0x96, 0x0a, 0x0d, 0xd2, 0xc7, 0x42, 0x1b, 0x81, 0xe1, 0x6f, 0x63, + 0x78, 0x31, 0x0e, 0xae, 0xd2, 0x39, 0x33, 0xfc, 0xc4, 0x3e, 0x37, 0xf4, 0xf8, 0x07, 0x81, 0xee, + 0xb6, 0xc9, 0xa3, 0x6f, 0xe1, 0x61, 0xe5, 0x2e, 0x90, 0x65, 0x89, 0xe6, 0x05, 0x4f, 0x0d, 0x2a, + 0x8f, 0xf8, 0x24, 0x70, 0x26, 0xcf, 0xc3, 0x7f, 0xde, 0x12, 0xbe, 0x69, 0x99, 0x6d, 0x8b, 0xc4, + 0xee, 0xe9, 0x2f, 0x85, 0xce, 0xa1, 0x2b, 0x64, 0xae, 0xb8, 0xd6, 0xde, 0x5d, 0xdf, 0x0a, 0x9c, + 0x49, 0xf0, 0x9f, 0xbc, 0x55, 0xd5, 0x59, 0x0b, 0x6d, 0xb8, 0xe4, 0x2a, 0xbe, 0x80, 0xf4, 0x25, + 0xd8, 0xbc, 0x89, 0xb0, 0x6e, 0x19, 0xd1, 0x72, 0xe3, 0x2f, 0x04, 0xee, 0xff, 0xd1, 0xa1, 0x14, + 0x6e, 0x24, 0xfb, 0xc0, 0xeb, 0x47, 0xf6, 0xe3, 0xfa, 0x4c, 0x47, 0x70, 0x6f, 0x2f, 0x64, 0x96, + 0xb0, 0x2c, 0x6b, 0x07, 0xae, 0x7a, 0x4e, 0xa5, 0xcd, 0x1a, 0x89, 0xfa, 0xad, 0xc5, 0x60, 0x52, + 0xa2, 0x32, 0x9e, 0xe5, 0x93, 0xa0, 0x17, 0x43, 0xa5, 0xed, 0x70, 0x83, 0xca, 0xd0, 0x01, 0xf4, + 0xea, 0xfd, 0xa6, 0x58, 0x78, 0x37, 0x75, 0xc0, 0xaf, 0x9a, 0x3e, 0x82, 0xce, 0x11, 0xb5, 0xd1, + 0x5e, 0xc7, 0xb7, 0x82, 0x7e, 0xdc, 0x14, 0xf4, 0x29, 0xb8, 0x19, 0x3f, 0xb0, 0x8f, 0x85, 0x49, + 0xb8, 0xcc, 0x4a, 0x14, 0xd2, 0x78, 0x76, 0x4d, 0x3e, 0x68, 0xf5, 0x65, 0x2b, 0x3f, 0x7b, 0x02, + 0xce, 0x02, 0xe5, 0x41, 0xe4, 0xdb, 0x14, 0x4b, 0x4e, 0x01, 0xec, 0xcd, 0xab, 0xf9, 0x7a, 0xb5, + 0x70, 0xef, 0x50, 0x07, 0xba, 0x9b, 0x78, 0xf5, 0x7a, 0xb6, 0x5b, 0xba, 0x64, 0x1e, 0x7e, 0x3d, + 0x0f, 0xc9, 0xb7, 0xf3, 0x90, 0x7c, 0x3f, 0x0f, 0xc9, 0x3b, 0xbf, 0x59, 0x97, 0xc0, 0x88, 0x95, + 0x22, 0xba, 0xf2, 0x33, 0xf6, 0x76, 0x3d, 0xe2, 0xf4, 0x67, 0x00, 0x00, 0x00, 0xff, 0xff, 0xe4, + 0xba, 0xfd, 0xef, 0x75, 0x02, 0x00, 0x00, } diff --git a/networking/v1alpha3/sidecar.proto b/networking/v1alpha3/sidecar.proto index f6c54c71a3..52f94c8604 100644 --- a/networking/v1alpha3/sidecar.proto +++ b/networking/v1alpha3/sidecar.proto @@ -14,150 +14,162 @@ syntax = "proto3"; +import "networking/v1alpha3/gateway.proto"; + package istio.networking.v1alpha3; option go_package = "istio.io/api/networking/v1alpha3"; -// `ServiceDependency` describes the set of services that a workload depends on -// for its operation. In other words, it describes the properties of -// outgoing traffic from a given workload. By default, the service mesh -// established by Istio will have a full mesh connectivity - i.e. every -// workload will have proxy configuration required to reach every other -// workload in the mesh. However most connectivity graphs are sparse in -// practice. The ServiceDependency provides a way to declare the service -// dependencies associated with each workload such that the amount of -// configuration sent to the sidecars can be scoped to the requisite -// dependencies. +// `Sidecar` describes the describes the configuration of the sidecar proxy +// that mediates inbound and outbound communication to the workload it is +// attached to. By default, Istio will program all sidecar proxies in the +// mesh with the necessary configuration required to reach every workload +// in the mesh, as well as accept traffic on all the ports associated with +// the workload. The Sidecar resource provides a way to fine tune the set +// of ports, protocols that the proxy will accept when forwarding traffic +// to and from the workload. In addition, it is possible to restrict the +// set of services that the proxy can reach when forwarding outbound +// traffic from the workload. // // Services and configuration in a mesh are organized into one or more -// namespaces (e.g., a Kubernetes namespace or a CF org/space). Workloads -// in a namespace have an implicit dependency on other workloads in the -// same namespace. In addition, to declare dependencies on workloads in -// other namespaces, a ServiceDependency resource has to be specified in the -// current namespace. *_Each namespace MUST have only one ServiceDependency -// resource named "default"_*. The behavior of the system is undefined if -// more than one ServiceDependency resource exists in a given namespace. The set -// of dependencies specified in a ServiceDependency resource will be used to -// compute the sidecar configuration for every workload in the namespace. -// -// NOTE 1: If workloads in the mesh depend only on other workloads in the -// same namespace, set defaultServiceDependency.importMode to SAME_NAMESPACE -// in the mesh global config map (in values.yaml). -// -// NOTE 2: To facilitate incremental pruning of the the sidecar -// configuration, the default import mode for the mesh is set to -// ALL_NAMESPACES. In other words, every workload will be able to reach -// every other workload. Adding a ServiceDependency resource in a namespace will -// automatically prune the configuration for the workloads in that -// namespace. +// namespaces (e.g., a Kubernetes namespace or a CF org/space). A Sidecar +// resource in a namespace will apply to all workloads in the namespace. +// *_Currently, each namespace should have only one Sidecar resource named +// "default"_*. The behavior of the system is undefined if more than one +// Sidecar resource exists in a given namespace. // -// The following examples illustrate a few specific use cases of ServiceDependency. -// -// The example below delcares a ServiceDependency resource in the prod-us1 -// namespace that specifies that workloads in the namespace will be able to -// reach the services in the prod-apis namespace only. +// The example below delcares a Sidecar resource in the prod-us1 namespace +// that configures the sidecar to proxy egress traffic for services in the +// prod-us1 and prod-apis namespaces, and the policy and telemetry service +// (if enabled) in the istio-system namespace. // // ```yaml // apiVersion: networking.istio.io/v1alpha3 -// kind: ServiceDependency +// kind: Sidecar // metadata: // name: default // namespace: prod-us1 // spec: -// dependencies: -// - imports: -// - namespace: prod-apis +// egress: +// - hosts: +// - "prod-us1/*" +// - "prod-apis/*" +// - "istio-system/*" // ``` // -// In a mesh where the default service dependency is set to SAME_NAMESPACE -// only, if one or more workloads need to be able to reach every other -// service in the mesh (e.g., metrics collection server), the following -// ServiceDependency resource can be used to specify such a dependency: +// The example below delcares a Sidecar resource in the prod-us1 namespace +// that accepts inbound HTTP traffic on port 10.10.10.10:9080 and forwards +// it to the attached workload listening on a unix domain socket. In the +// egress direction, in addition to the istio-system namespace, the sidecar +// proxies only HTTP traffic bound for port 9080 for services in the +// prod-us1 namespace. // // ```yaml // apiVersion: networking.istio.io/v1alpha3 -// kind: ServiceDependency +// kind: Sidecar // metadata: // name: default -// namespace: metrics-collection +// namespace: prod-us1 // spec: -// dependencies: -// - imports: -// - namespace: '*' +// ingress: +// - bind: tcp://10.10.10.10:9080 +// protocol: HTTP +// defaultEndpoint: unix:///var/run/someuds.sock +// egress: +// - hosts: +// - "istio-system/*" +// - bind: tcp://0.0.0.0:9080 +// protocol: HTTP +// hosts: +// - "prod-us1/*" // ``` // -// The configuration above will allow workloads in the metrics-collection -// namespace to access service in any namespace while workloads in other -// namespaces will be configured for namespace local access as per the -// global default service dependency (SAME_NAMESPACE). -// -message ServiceDependency { - // Import describes the set of namespaces whose exported services - // (real/virtual) will be accessed by workloads in a given namespace. The - // sidecars attached to the workloads will be configured with information - // required to reach the imported services only. The gateways in the - // current namespace will only honor imported VirtualServices instead of - // every VirtualService that binds itself to the gateway. +message Sidecar { + // Criteria used to select the specific set of pods/VMs on which this + // sidecar configuration should be applied. If omitted, the sidecar + // configuration will be applied to all workloads in the current config + // namespace. + WorkloadSelector workload_selector = 1; + + // Ingress specifies the configuration of the sidecar for processing + // inbound traffic to the attached workload. If omitted, Istio will + // autoconfigure the sidecar based on the information about the workload + // obtained from the service registry (e.g., exposed ports, services, + // etc.). + repeated IstioListener ingress = 2; + + // Egress specifies the configuration of the sidecar for processing + // outbound traffic from the attached workload to other services in the + // mesh. If omitted, Istio will autoconfigure the sidecar to be able to + // reach every service in the mesh. etc.). + repeated IstioListener egress = 3; +} + +// IstioListener specifies the properties of a single listener on the +// sidecar proxy attached to a workload. +message IstioListener { + // An arbitrary name associated with the listener used for emitting metrics. + string name = 1; + + // The ip:port or the unix domain socket to which the listener should be + // bound to. Format: tcp://x.x.x.x:yyyy or unix:///path/to/uds or + // unix://@foobar (Linux abstract namespace). To bind to any IP with + // specific port, use tcp://0.0.0.0: + string bind_address = 2; + + // When the bind address is an IP:port, the bindToPort option dictates + // whether or not the sidecar should bind its listener socket to the + // specified port. Set bindToPort to false (default) if application + // traffic entering/leaving a pod/VM is captured automatically through + // iptables redirection and forwarded to the sidecar on a specific port + // (see proxyListenPort in the global MeshConfig). When not using + // iptables for traffic capture, set bindToPort to true to force the + // sidecar to bind to the specified port. Note that the binding might + // fail if the application workload is already bound to the same port. + bool bind_to_port = 3; + + // The protocol associated with this listener. + // MUST BE one of HTTP|TCP|TLS|MONGO. + // TLS implies the connection will be routed based on the SNI header. + // HTTP implies HTTP 1.1/HTTP 2/gRPC + string protocol = 4; + + // One or more hosts (HTTP or SNI) exposed by the listener in + // namespace/dnsName format. _*Hosts will be ignored for ingress + // servers*_. For egress servers, the hosts field results in importing + // one or more publicly scoped services and VirtualServices from remote + // namespaces. The service in a namespace can be a service in the service + // registry (e.g., a kubernetes or cloud foundry service) or a service + // specified via ServiceEntry configuration. In addition, any publicly + // scoped DestinationRule associated with the imported services will also + // be imported. // - // Importing a service from a namespace will automatically import the - // exported configuration artifacts associated with the service, such as - // VirtualService, DestinationRule, etc. The service in a namespace can be - // a service in the service registry (e.g., a kubernetes or cloud foundry - // service) or a service specified via ServiceEntry configuration. + // Set the namespace to * to import a particular service from any + // available namespace (e.g., "*/foo.example.com"). Set the dnsName field + // to * to import all services from the specified namespace (e.g., + // "prod/*"). Wildcard DNS names can be used to import a specific set of + // services from the specified namespace (e.g., "prod/*.example.com"). // // NOTE: Only exported services and configuration artifacts from a // namespace can be imported. Private services/configuration will not be - // imported. See the scope setting associated with VirtualService, - // DestinationRule, ServiceEntry, etc. - message Import { - // The configuration namespace whose services need to be imported. - // Specify * to import all namespaces. The import can be scoped further - // by specifying individual hosts. - string namespace = 1; - - // A FQDN or wildcard prefixed DNS name of the host to import from the - // specified namespace. The hostnames include names of services from the - // service registry as well as those specified in a VirtualService. - string host = 2; - }; - - // Dependency describes a workload and the set of service dependencies - // for the workload. - message Dependency { - // [#not-implemented-hide:] - // One or more labels that indicate a specific set of pods/VMs on which - // this dependency configuration should be applied. The scope of label - // search is platform dependent. On Kubernetes, for example, the scope - // includes pods running in the namespace in which the ServiceDependency - // resource is present. If the sourceWorkloadLabels are omitted, the - // imports specified will be applicable to all workloads in the current - // configuration namespace. - // NOTE: source_workload_labels are currently not supported. - map source_workload_labels = 1; - - // REQUIRED: Import describes the set of namespaces whose exported - // services will be accessed by the workloads selected by the - // sourceWorkloadLabels. The sidecars attached to the workloads will be - // configured with information required to reach other services in the - // same namespace and the imported services. In addition to the - // explicitly specified namespaces, namespaces specified in the global - // mesh config (through defaultServiceDependency.importNamespaces) will also be - // imported. - repeated Import imports = 2; - }; + // imported. Refer to the scope setting associated with VirtualService, + // DestinationRule, ServiceEntry, etc. for details. + repeated string hosts = 5; - // REQUIRED. The set of services that workloads in this namespace are - // expected to talk to, in addition to other workloads in the same - // namespace. Dependencies describe the properties of outbound traffic from - // a given workload. - repeated Dependency dependencies = 1; + // The IP endpoint or unix domain socket to which traffic should be + // forwarded to by default. In the context of an ingress server, this + // configuration can be used to redirect traffic arriving at the bind + // point on the sidecar to a port or unix domain socket where the + // application workload is listening for connections. Format should be + // tcp://127.0.0.1:PORT or unix:///path/to/socket + string default_endpoint = 6; } // ConfigScope defines the visibility of an Istio configuration artifact in // a namespace when the namespace is imported. By default all // configuration artifacts are public. Configurations with private scope // will not be imported when the namespace containing the configuration is -// imported in a ServiceDependency. +// imported in a Sidecar. enum ConfigScope { // Config with this scope are visible to all workloads in the mesh PUBLIC = 0; diff --git a/proto.lock b/proto.lock index 0720d7b45d..510e00efa6 100644 --- a/proto.lock +++ b/proto.lock @@ -3010,6 +3010,11 @@ "name": "servers", "type": "Server", "is_repeated": true + }, + { + "id": 3, + "name": "workload_selector", + "type": "WorkloadSelector" } ], "maps": [ @@ -3117,6 +3122,26 @@ "type": "string" } ] + }, + { + "name": "WorkloadSelector", + "fields": [ + { + "id": 2, + "name": "ip", + "type": "string" + } + ], + "maps": [ + { + "key_type": "string", + "field": { + "id": 1, + "name": "labels", + "type": "string" + } + } + ] } ] } @@ -3269,51 +3294,60 @@ ], "messages": [ { - "name": "ServiceDependency", + "name": "Sidecar", "fields": [ { "id": 1, - "name": "dependencies", - "type": "Dependency", + "name": "workload_selector", + "type": "WorkloadSelector" + }, + { + "id": 2, + "name": "ingress", + "type": "IstioListener", + "is_repeated": true + }, + { + "id": 3, + "name": "egress", + "type": "IstioListener", "is_repeated": true } - ], - "messages": [ + ] + }, + { + "name": "IstioListener", + "fields": [ { - "name": "Import", - "fields": [ - { - "id": 1, - "name": "namespace", - "type": "string" - }, - { - "id": 2, - "name": "host", - "type": "string" - } - ] + "id": 1, + "name": "name", + "type": "string" }, { - "name": "Dependency", - "fields": [ - { - "id": 2, - "name": "imports", - "type": "Import", - "is_repeated": true - } - ], - "maps": [ - { - "key_type": "string", - "field": { - "id": 1, - "name": "source_workload_labels", - "type": "string" - } - } - ] + "id": 2, + "name": "bind_address", + "type": "string" + }, + { + "id": 3, + "name": "bind_to_port", + "type": "bool" + }, + { + "id": 4, + "name": "protocol", + "type": "string" + }, + { + "id": 5, + "name": "hosts", + "type": "string", + "is_repeated": true + }, + { + "id": 6, + "name": "default_endpoint", + "type": "string" } ] } diff --git a/python/istio_api/networking/v1alpha3/gateway_pb2.py b/python/istio_api/networking/v1alpha3/gateway_pb2.py index 3a492b02fd..3fae72c167 100644 --- a/python/istio_api/networking/v1alpha3/gateway_pb2.py +++ b/python/istio_api/networking/v1alpha3/gateway_pb2.py @@ -19,7 +19,7 @@ name='networking/v1alpha3/gateway.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n!networking/v1alpha3/gateway.proto\x12\x19istio.networking.v1alpha3\"\xb2\x01\n\x07Gateway\x12\x32\n\x07servers\x18\x01 \x03(\x0b\x32!.istio.networking.v1alpha3.Server\x12\x42\n\x08selector\x18\x02 \x03(\x0b\x32\x30.istio.networking.v1alpha3.Gateway.SelectorEntry\x1a/\n\rSelectorEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xb3\x05\n\x06Server\x12-\n\x04port\x18\x01 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\r\n\x05hosts\x18\x02 \x03(\t\x12\x39\n\x03tls\x18\x03 \x01(\x0b\x32,.istio.networking.v1alpha3.Server.TLSOptions\x1a\xaf\x04\n\nTLSOptions\x12\x16\n\x0ehttps_redirect\x18\x01 \x01(\x08\x12\x42\n\x04mode\x18\x02 \x01(\x0e\x32\x34.istio.networking.v1alpha3.Server.TLSOptions.TLSmode\x12\x1a\n\x12server_certificate\x18\x03 \x01(\t\x12\x13\n\x0bprivate_key\x18\x04 \x01(\t\x12\x17\n\x0f\x63\x61_certificates\x18\x05 \x01(\t\x12\x19\n\x11subject_alt_names\x18\x06 \x03(\t\x12V\n\x14min_protocol_version\x18\x07 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12V\n\x14max_protocol_version\x18\x08 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12\x15\n\rcipher_suites\x18\t \x03(\t\"H\n\x07TLSmode\x12\x0f\n\x0bPASSTHROUGH\x10\x00\x12\n\n\x06SIMPLE\x10\x01\x12\n\n\x06MUTUAL\x10\x02\x12\x14\n\x10\x41UTO_PASSTHROUGH\x10\x03\"O\n\x0bTLSProtocol\x12\x0c\n\x08TLS_AUTO\x10\x00\x12\x0b\n\x07TLSV1_0\x10\x01\x12\x0b\n\x07TLSV1_1\x10\x02\x12\x0b\n\x07TLSV1_2\x10\x03\x12\x0b\n\x07TLSV1_3\x10\x04\"6\n\x04Port\x12\x0e\n\x06number\x18\x01 \x01(\r\x12\x10\n\x08protocol\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\tB\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n!networking/v1alpha3/gateway.proto\x12\x19istio.networking.v1alpha3\"\xfe\x01\n\x07Gateway\x12\x32\n\x07servers\x18\x01 \x03(\x0b\x32!.istio.networking.v1alpha3.Server\x12\x46\n\x08selector\x18\x02 \x03(\x0b\x32\x30.istio.networking.v1alpha3.Gateway.SelectorEntryB\x02\x18\x01\x12\x46\n\x11workload_selector\x18\x03 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x1a/\n\rSelectorEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xb3\x05\n\x06Server\x12-\n\x04port\x18\x01 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\r\n\x05hosts\x18\x02 \x03(\t\x12\x39\n\x03tls\x18\x03 \x01(\x0b\x32,.istio.networking.v1alpha3.Server.TLSOptions\x1a\xaf\x04\n\nTLSOptions\x12\x16\n\x0ehttps_redirect\x18\x01 \x01(\x08\x12\x42\n\x04mode\x18\x02 \x01(\x0e\x32\x34.istio.networking.v1alpha3.Server.TLSOptions.TLSmode\x12\x1a\n\x12server_certificate\x18\x03 \x01(\t\x12\x13\n\x0bprivate_key\x18\x04 \x01(\t\x12\x17\n\x0f\x63\x61_certificates\x18\x05 \x01(\t\x12\x19\n\x11subject_alt_names\x18\x06 \x03(\t\x12V\n\x14min_protocol_version\x18\x07 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12V\n\x14max_protocol_version\x18\x08 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12\x15\n\rcipher_suites\x18\t \x03(\t\"H\n\x07TLSmode\x12\x0f\n\x0bPASSTHROUGH\x10\x00\x12\n\n\x06SIMPLE\x10\x01\x12\n\n\x06MUTUAL\x10\x02\x12\x14\n\x10\x41UTO_PASSTHROUGH\x10\x03\"O\n\x0bTLSProtocol\x12\x0c\n\x08TLS_AUTO\x10\x00\x12\x0b\n\x07TLSV1_0\x10\x01\x12\x0b\n\x07TLSV1_1\x10\x02\x12\x0b\n\x07TLSV1_2\x10\x03\x12\x0b\n\x07TLSV1_3\x10\x04\"6\n\x04Port\x12\x0e\n\x06number\x18\x01 \x01(\r\x12\x10\n\x08protocol\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\t\"\x96\x01\n\x10WorkloadSelector\x12G\n\x06labels\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.WorkloadSelector.LabelsEntry\x12\n\n\x02ip\x18\x02 \x01(\t\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') ) @@ -49,8 +49,8 @@ ], containing_type=None, options=None, - serialized_start=784, - serialized_end=856, + serialized_start=860, + serialized_end=932, ) _sym_db.RegisterEnumDescriptor(_SERVER_TLSOPTIONS_TLSMODE) @@ -83,8 +83,8 @@ ], containing_type=None, options=None, - serialized_start=858, - serialized_end=937, + serialized_start=934, + serialized_end=1013, ) _sym_db.RegisterEnumDescriptor(_SERVER_TLSOPTIONS_TLSPROTOCOL) @@ -122,8 +122,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=196, - serialized_end=243, + serialized_start=272, + serialized_end=319, ) _GATEWAY = _descriptor.Descriptor( @@ -146,6 +146,13 @@ has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, + options=_descriptor._ParseOptions(descriptor_pb2.FieldOptions(), _b('\030\001')), file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='workload_selector', full_name='istio.networking.v1alpha3.Gateway.workload_selector', index=2, + number=3, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), ], extensions=[ @@ -160,7 +167,7 @@ oneofs=[ ], serialized_start=65, - serialized_end=243, + serialized_end=319, ) @@ -248,8 +255,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=378, - serialized_end=937, + serialized_start=454, + serialized_end=1013, ) _SERVER = _descriptor.Descriptor( @@ -292,8 +299,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=246, - serialized_end=937, + serialized_start=322, + serialized_end=1013, ) @@ -337,13 +344,89 @@ extension_ranges=[], oneofs=[ ], - serialized_start=939, - serialized_end=993, + serialized_start=1015, + serialized_end=1069, +) + + +_WORKLOADSELECTOR_LABELSENTRY = _descriptor.Descriptor( + name='LabelsEntry', + full_name='istio.networking.v1alpha3.WorkloadSelector.LabelsEntry', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name='key', full_name='istio.networking.v1alpha3.WorkloadSelector.LabelsEntry.key', index=0, + number=1, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='value', full_name='istio.networking.v1alpha3.WorkloadSelector.LabelsEntry.value', index=1, + number=2, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=_descriptor._ParseOptions(descriptor_pb2.MessageOptions(), _b('8\001')), + is_extendable=False, + syntax='proto3', + extension_ranges=[], + oneofs=[ + ], + serialized_start=1177, + serialized_end=1222, +) + +_WORKLOADSELECTOR = _descriptor.Descriptor( + name='WorkloadSelector', + full_name='istio.networking.v1alpha3.WorkloadSelector', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name='labels', full_name='istio.networking.v1alpha3.WorkloadSelector.labels', index=0, + number=1, type=11, cpp_type=10, label=3, + has_default_value=False, default_value=[], + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='ip', full_name='istio.networking.v1alpha3.WorkloadSelector.ip', index=1, + number=2, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + ], + extensions=[ + ], + nested_types=[_WORKLOADSELECTOR_LABELSENTRY, ], + enum_types=[ + ], + options=None, + is_extendable=False, + syntax='proto3', + extension_ranges=[], + oneofs=[ + ], + serialized_start=1072, + serialized_end=1222, ) _GATEWAY_SELECTORENTRY.containing_type = _GATEWAY _GATEWAY.fields_by_name['servers'].message_type = _SERVER _GATEWAY.fields_by_name['selector'].message_type = _GATEWAY_SELECTORENTRY +_GATEWAY.fields_by_name['workload_selector'].message_type = _WORKLOADSELECTOR _SERVER_TLSOPTIONS.fields_by_name['mode'].enum_type = _SERVER_TLSOPTIONS_TLSMODE _SERVER_TLSOPTIONS.fields_by_name['min_protocol_version'].enum_type = _SERVER_TLSOPTIONS_TLSPROTOCOL _SERVER_TLSOPTIONS.fields_by_name['max_protocol_version'].enum_type = _SERVER_TLSOPTIONS_TLSPROTOCOL @@ -352,9 +435,12 @@ _SERVER_TLSOPTIONS_TLSPROTOCOL.containing_type = _SERVER_TLSOPTIONS _SERVER.fields_by_name['port'].message_type = _PORT _SERVER.fields_by_name['tls'].message_type = _SERVER_TLSOPTIONS +_WORKLOADSELECTOR_LABELSENTRY.containing_type = _WORKLOADSELECTOR +_WORKLOADSELECTOR.fields_by_name['labels'].message_type = _WORKLOADSELECTOR_LABELSENTRY DESCRIPTOR.message_types_by_name['Gateway'] = _GATEWAY DESCRIPTOR.message_types_by_name['Server'] = _SERVER DESCRIPTOR.message_types_by_name['Port'] = _PORT +DESCRIPTOR.message_types_by_name['WorkloadSelector'] = _WORKLOADSELECTOR _sym_db.RegisterFileDescriptor(DESCRIPTOR) Gateway = _reflection.GeneratedProtocolMessageType('Gateway', (_message.Message,), dict( @@ -394,9 +480,28 @@ )) _sym_db.RegisterMessage(Port) +WorkloadSelector = _reflection.GeneratedProtocolMessageType('WorkloadSelector', (_message.Message,), dict( + + LabelsEntry = _reflection.GeneratedProtocolMessageType('LabelsEntry', (_message.Message,), dict( + DESCRIPTOR = _WORKLOADSELECTOR_LABELSENTRY, + __module__ = 'networking.v1alpha3.gateway_pb2' + # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.WorkloadSelector.LabelsEntry) + )) + , + DESCRIPTOR = _WORKLOADSELECTOR, + __module__ = 'networking.v1alpha3.gateway_pb2' + # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.WorkloadSelector) + )) +_sym_db.RegisterMessage(WorkloadSelector) +_sym_db.RegisterMessage(WorkloadSelector.LabelsEntry) + DESCRIPTOR.has_options = True DESCRIPTOR._options = _descriptor._ParseOptions(descriptor_pb2.FileOptions(), _b('Z istio.io/api/networking/v1alpha3')) _GATEWAY_SELECTORENTRY.has_options = True _GATEWAY_SELECTORENTRY._options = _descriptor._ParseOptions(descriptor_pb2.MessageOptions(), _b('8\001')) +_GATEWAY.fields_by_name['selector'].has_options = True +_GATEWAY.fields_by_name['selector']._options = _descriptor._ParseOptions(descriptor_pb2.FieldOptions(), _b('\030\001')) +_WORKLOADSELECTOR_LABELSENTRY.has_options = True +_WORKLOADSELECTOR_LABELSENTRY._options = _descriptor._ParseOptions(descriptor_pb2.MessageOptions(), _b('8\001')) # @@protoc_insertion_point(module_scope) diff --git a/python/istio_api/networking/v1alpha3/sidecar_pb2.py b/python/istio_api/networking/v1alpha3/sidecar_pb2.py index 4793d7bbcb..5e0ce438b0 100644 --- a/python/istio_api/networking/v1alpha3/sidecar_pb2.py +++ b/python/istio_api/networking/v1alpha3/sidecar_pb2.py @@ -14,14 +14,16 @@ _sym_db = _symbol_database.Default() +from networking.v1alpha3 import gateway_pb2 as networking_dot_v1alpha3_dot_gateway__pb2 DESCRIPTOR = _descriptor.FileDescriptor( name='networking/v1alpha3/sidecar.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n!networking/v1alpha3/sidecar.proto\x12\x19istio.networking.v1alpha3\"\x92\x03\n\x11ServiceDependency\x12M\n\x0c\x64\x65pendencies\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.ServiceDependency.Dependency\x1a)\n\x06Import\x12\x11\n\tnamespace\x18\x01 \x01(\t\x12\x0c\n\x04host\x18\x02 \x01(\t\x1a\x82\x02\n\nDependency\x12q\n\x16source_workload_labels\x18\x01 \x03(\x0b\x32Q.istio.networking.v1alpha3.ServiceDependency.Dependency.SourceWorkloadLabelsEntry\x12\x44\n\x07imports\x18\x02 \x03(\x0b\x32\x33.istio.networking.v1alpha3.ServiceDependency.Import\x1a;\n\x19SourceWorkloadLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') -) + serialized_pb=_b('\n!networking/v1alpha3/sidecar.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\"\xc6\x01\n\x07Sidecar\x12\x46\n\x11workload_selector\x18\x01 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x12\x39\n\x07ingress\x18\x02 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\x12\x38\n\x06\x65gress\x18\x03 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\"\x84\x01\n\rIstioListener\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0c\x62ind_address\x18\x02 \x01(\t\x12\x14\n\x0c\x62ind_to_port\x18\x03 \x01(\x08\x12\x10\n\x08protocol\x18\x04 \x01(\t\x12\r\n\x05hosts\x18\x05 \x03(\t\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x06 \x01(\t*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + , + dependencies=[networking_dot_v1alpha3_dot_gateway__pb2.DESCRIPTOR,]) _CONFIGSCOPE = _descriptor.EnumDescriptor( name='ConfigScope', @@ -40,8 +42,8 @@ ], containing_type=None, options=None, - serialized_start=469, - serialized_end=507, + serialized_start=435, + serialized_end=473, ) _sym_db.RegisterEnumDescriptor(_CONFIGSCOPE) @@ -51,24 +53,31 @@ -_SERVICEDEPENDENCY_IMPORT = _descriptor.Descriptor( - name='Import', - full_name='istio.networking.v1alpha3.ServiceDependency.Import', +_SIDECAR = _descriptor.Descriptor( + name='Sidecar', + full_name='istio.networking.v1alpha3.Sidecar', filename=None, file=DESCRIPTOR, containing_type=None, fields=[ _descriptor.FieldDescriptor( - name='namespace', full_name='istio.networking.v1alpha3.ServiceDependency.Import.namespace', index=0, - number=1, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + name='workload_selector', full_name='istio.networking.v1alpha3.Sidecar.workload_selector', index=0, + number=1, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='host', full_name='istio.networking.v1alpha3.ServiceDependency.Import.host', index=1, - number=2, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + name='ingress', full_name='istio.networking.v1alpha3.Sidecar.ingress', index=1, + number=2, type=11, cpp_type=10, label=3, + has_default_value=False, default_value=[], + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='egress', full_name='istio.networking.v1alpha3.Sidecar.egress', index=2, + number=3, type=11, cpp_type=10, label=3, + has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), @@ -84,102 +93,64 @@ extension_ranges=[], oneofs=[ ], - serialized_start=165, - serialized_end=206, + serialized_start=100, + serialized_end=298, ) -_SERVICEDEPENDENCY_DEPENDENCY_SOURCEWORKLOADLABELSENTRY = _descriptor.Descriptor( - name='SourceWorkloadLabelsEntry', - full_name='istio.networking.v1alpha3.ServiceDependency.Dependency.SourceWorkloadLabelsEntry', + +_ISTIOLISTENER = _descriptor.Descriptor( + name='IstioListener', + full_name='istio.networking.v1alpha3.IstioListener', filename=None, file=DESCRIPTOR, containing_type=None, fields=[ _descriptor.FieldDescriptor( - name='key', full_name='istio.networking.v1alpha3.ServiceDependency.Dependency.SourceWorkloadLabelsEntry.key', index=0, + name='name', full_name='istio.networking.v1alpha3.IstioListener.name', index=0, number=1, type=9, cpp_type=9, label=1, has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='value', full_name='istio.networking.v1alpha3.ServiceDependency.Dependency.SourceWorkloadLabelsEntry.value', index=1, + name='bind_address', full_name='istio.networking.v1alpha3.IstioListener.bind_address', index=1, number=2, type=9, cpp_type=9, label=1, has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), - ], - extensions=[ - ], - nested_types=[], - enum_types=[ - ], - options=_descriptor._ParseOptions(descriptor_pb2.MessageOptions(), _b('8\001')), - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=408, - serialized_end=467, -) - -_SERVICEDEPENDENCY_DEPENDENCY = _descriptor.Descriptor( - name='Dependency', - full_name='istio.networking.v1alpha3.ServiceDependency.Dependency', - filename=None, - file=DESCRIPTOR, - containing_type=None, - fields=[ _descriptor.FieldDescriptor( - name='source_workload_labels', full_name='istio.networking.v1alpha3.ServiceDependency.Dependency.source_workload_labels', index=0, - number=1, type=11, cpp_type=10, label=3, - has_default_value=False, default_value=[], + name='bind_to_port', full_name='istio.networking.v1alpha3.IstioListener.bind_to_port', index=2, + number=3, type=8, cpp_type=7, label=1, + has_default_value=False, default_value=False, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='imports', full_name='istio.networking.v1alpha3.ServiceDependency.Dependency.imports', index=1, - number=2, type=11, cpp_type=10, label=3, - has_default_value=False, default_value=[], + name='protocol', full_name='istio.networking.v1alpha3.IstioListener.protocol', index=3, + number=4, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), - ], - extensions=[ - ], - nested_types=[_SERVICEDEPENDENCY_DEPENDENCY_SOURCEWORKLOADLABELSENTRY, ], - enum_types=[ - ], - options=None, - is_extendable=False, - syntax='proto3', - extension_ranges=[], - oneofs=[ - ], - serialized_start=209, - serialized_end=467, -) - -_SERVICEDEPENDENCY = _descriptor.Descriptor( - name='ServiceDependency', - full_name='istio.networking.v1alpha3.ServiceDependency', - filename=None, - file=DESCRIPTOR, - containing_type=None, - fields=[ _descriptor.FieldDescriptor( - name='dependencies', full_name='istio.networking.v1alpha3.ServiceDependency.dependencies', index=0, - number=1, type=11, cpp_type=10, label=3, + name='hosts', full_name='istio.networking.v1alpha3.IstioListener.hosts', index=4, + number=5, type=9, cpp_type=9, label=3, has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='default_endpoint', full_name='istio.networking.v1alpha3.IstioListener.default_endpoint', index=5, + number=6, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), ], extensions=[ ], - nested_types=[_SERVICEDEPENDENCY_IMPORT, _SERVICEDEPENDENCY_DEPENDENCY, ], + nested_types=[], enum_types=[ ], options=None, @@ -188,54 +159,33 @@ extension_ranges=[], oneofs=[ ], - serialized_start=65, - serialized_end=467, + serialized_start=301, + serialized_end=433, ) -_SERVICEDEPENDENCY_IMPORT.containing_type = _SERVICEDEPENDENCY -_SERVICEDEPENDENCY_DEPENDENCY_SOURCEWORKLOADLABELSENTRY.containing_type = _SERVICEDEPENDENCY_DEPENDENCY -_SERVICEDEPENDENCY_DEPENDENCY.fields_by_name['source_workload_labels'].message_type = _SERVICEDEPENDENCY_DEPENDENCY_SOURCEWORKLOADLABELSENTRY -_SERVICEDEPENDENCY_DEPENDENCY.fields_by_name['imports'].message_type = _SERVICEDEPENDENCY_IMPORT -_SERVICEDEPENDENCY_DEPENDENCY.containing_type = _SERVICEDEPENDENCY -_SERVICEDEPENDENCY.fields_by_name['dependencies'].message_type = _SERVICEDEPENDENCY_DEPENDENCY -DESCRIPTOR.message_types_by_name['ServiceDependency'] = _SERVICEDEPENDENCY +_SIDECAR.fields_by_name['workload_selector'].message_type = networking_dot_v1alpha3_dot_gateway__pb2._WORKLOADSELECTOR +_SIDECAR.fields_by_name['ingress'].message_type = _ISTIOLISTENER +_SIDECAR.fields_by_name['egress'].message_type = _ISTIOLISTENER +DESCRIPTOR.message_types_by_name['Sidecar'] = _SIDECAR +DESCRIPTOR.message_types_by_name['IstioListener'] = _ISTIOLISTENER DESCRIPTOR.enum_types_by_name['ConfigScope'] = _CONFIGSCOPE _sym_db.RegisterFileDescriptor(DESCRIPTOR) -ServiceDependency = _reflection.GeneratedProtocolMessageType('ServiceDependency', (_message.Message,), dict( - - Import = _reflection.GeneratedProtocolMessageType('Import', (_message.Message,), dict( - DESCRIPTOR = _SERVICEDEPENDENCY_IMPORT, - __module__ = 'networking.v1alpha3.sidecar_pb2' - # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.ServiceDependency.Import) - )) - , +Sidecar = _reflection.GeneratedProtocolMessageType('Sidecar', (_message.Message,), dict( + DESCRIPTOR = _SIDECAR, + __module__ = 'networking.v1alpha3.sidecar_pb2' + # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.Sidecar) + )) +_sym_db.RegisterMessage(Sidecar) - Dependency = _reflection.GeneratedProtocolMessageType('Dependency', (_message.Message,), dict( - - SourceWorkloadLabelsEntry = _reflection.GeneratedProtocolMessageType('SourceWorkloadLabelsEntry', (_message.Message,), dict( - DESCRIPTOR = _SERVICEDEPENDENCY_DEPENDENCY_SOURCEWORKLOADLABELSENTRY, - __module__ = 'networking.v1alpha3.sidecar_pb2' - # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.ServiceDependency.Dependency.SourceWorkloadLabelsEntry) - )) - , - DESCRIPTOR = _SERVICEDEPENDENCY_DEPENDENCY, - __module__ = 'networking.v1alpha3.sidecar_pb2' - # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.ServiceDependency.Dependency) - )) - , - DESCRIPTOR = _SERVICEDEPENDENCY, +IstioListener = _reflection.GeneratedProtocolMessageType('IstioListener', (_message.Message,), dict( + DESCRIPTOR = _ISTIOLISTENER, __module__ = 'networking.v1alpha3.sidecar_pb2' - # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.ServiceDependency) + # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.IstioListener) )) -_sym_db.RegisterMessage(ServiceDependency) -_sym_db.RegisterMessage(ServiceDependency.Import) -_sym_db.RegisterMessage(ServiceDependency.Dependency) -_sym_db.RegisterMessage(ServiceDependency.Dependency.SourceWorkloadLabelsEntry) +_sym_db.RegisterMessage(IstioListener) DESCRIPTOR.has_options = True DESCRIPTOR._options = _descriptor._ParseOptions(descriptor_pb2.FileOptions(), _b('Z istio.io/api/networking/v1alpha3')) -_SERVICEDEPENDENCY_DEPENDENCY_SOURCEWORKLOADLABELSENTRY.has_options = True -_SERVICEDEPENDENCY_DEPENDENCY_SOURCEWORKLOADLABELSENTRY._options = _descriptor._ParseOptions(descriptor_pb2.MessageOptions(), _b('8\001')) # @@protoc_insertion_point(module_scope) From b64a035501b6c0afc5fa9514034831c520548926 Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Thu, 27 Dec 2018 18:56:41 -0500 Subject: [PATCH 03/11] gateway updates Signed-off-by: Shriram Rajagopalan --- networking/v1alpha3/gateway.pb.go | 243 ++++++++++++++---- networking/v1alpha3/gateway.proto | 14 + .../istio.networking.v1alpha3.pb.html | 29 +++ proto.lock | 15 ++ .../networking/v1alpha3/gateway_pb2.py | 55 ++-- 5 files changed, 294 insertions(+), 62 deletions(-) diff --git a/networking/v1alpha3/gateway.pb.go b/networking/v1alpha3/gateway.pb.go index 1f375a3acb..84c5a1fb72 100644 --- a/networking/v1alpha3/gateway.pb.go +++ b/networking/v1alpha3/gateway.pb.go @@ -340,9 +340,13 @@ func (m *Gateway) GetWorkloadSelector() *WorkloadSelector { // privateKey: /etc/certs/privatekey.pem // ``` type Server struct { + // An arbitrary name associated with this server. Used for emitting metrics. + Name string `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"` // REQUIRED: The Port on which the proxy should listen for incoming // connections Port *Port `protobuf:"bytes,1,opt,name=port" json:"port,omitempty"` + // The IP address to which the listener should be bound to. + BindAddress string `protobuf:"bytes,5,opt,name=bind_address,json=bindAddress,proto3" json:"bind_address,omitempty"` // REQUIRED. A list of hosts exposed by this gateway. At least one // host is required. While typically applicable to // HTTP services, it can also be used for TCP services using TLS with @@ -362,6 +366,13 @@ type Server struct { // these options to control if all http requests should be redirected to // https, and the TLS modes to use. Tls *Server_TLSOptions `protobuf:"bytes,3,opt,name=tls" json:"tls,omitempty"` + // The IP endpoint or unix domain socket to which traffic should be + // forwarded to by default. In the context of an ingress server, this + // configuration can be used to redirect traffic arriving at the bind + // point on the sidecar to a port or unix domain socket where the + // application workload is listening for connections. Format should be + // tcp://127.0.0.1:PORT or unix:///path/to/socket + DefaultEndpoint string `protobuf:"bytes,4,opt,name=default_endpoint,json=defaultEndpoint,proto3" json:"default_endpoint,omitempty"` } func (m *Server) Reset() { *m = Server{} } @@ -369,6 +380,13 @@ func (m *Server) String() string { return proto.CompactTextString(m) func (*Server) ProtoMessage() {} func (*Server) Descriptor() ([]byte, []int) { return fileDescriptorGateway, []int{1} } +func (m *Server) GetName() string { + if m != nil { + return m.Name + } + return "" +} + func (m *Server) GetPort() *Port { if m != nil { return m.Port @@ -376,6 +394,13 @@ func (m *Server) GetPort() *Port { return nil } +func (m *Server) GetBindAddress() string { + if m != nil { + return m.BindAddress + } + return "" +} + func (m *Server) GetHosts() []string { if m != nil { return m.Hosts @@ -390,6 +415,13 @@ func (m *Server) GetTls() *Server_TLSOptions { return nil } +func (m *Server) GetDefaultEndpoint() string { + if m != nil { + return m.DefaultEndpoint + } + return "" +} + type Server_TLSOptions struct { // If set to true, the load balancer will send a 301 redirect for all // http connections, asking the clients to use HTTPS. @@ -677,6 +709,24 @@ func (m *Server) MarshalTo(dAtA []byte) (int, error) { } i += n3 } + if len(m.DefaultEndpoint) > 0 { + dAtA[i] = 0x22 + i++ + i = encodeVarintGateway(dAtA, i, uint64(len(m.DefaultEndpoint))) + i += copy(dAtA[i:], m.DefaultEndpoint) + } + if len(m.BindAddress) > 0 { + dAtA[i] = 0x2a + i++ + i = encodeVarintGateway(dAtA, i, uint64(len(m.BindAddress))) + i += copy(dAtA[i:], m.BindAddress) + } + if len(m.Name) > 0 { + dAtA[i] = 0x32 + i++ + i = encodeVarintGateway(dAtA, i, uint64(len(m.Name))) + i += copy(dAtA[i:], m.Name) + } return i, nil } @@ -897,6 +947,18 @@ func (m *Server) Size() (n int) { l = m.Tls.Size() n += 1 + l + sovGateway(uint64(l)) } + l = len(m.DefaultEndpoint) + if l > 0 { + n += 1 + l + sovGateway(uint64(l)) + } + l = len(m.BindAddress) + if l > 0 { + n += 1 + l + sovGateway(uint64(l)) + } + l = len(m.Name) + if l > 0 { + n += 1 + l + sovGateway(uint64(l)) + } return n } @@ -1346,6 +1408,93 @@ func (m *Server) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field DefaultEndpoint", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGateway + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGateway + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.DefaultEndpoint = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 5: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field BindAddress", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGateway + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGateway + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.BindAddress = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 6: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGateway + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGateway + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGateway(dAtA[iNdEx:]) @@ -2071,49 +2220,53 @@ var ( func init() { proto.RegisterFile("networking/v1alpha3/gateway.proto", fileDescriptorGateway) } var fileDescriptorGateway = []byte{ - // 703 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x54, 0xdd, 0x4e, 0xdb, 0x48, - 0x14, 0xc6, 0x4e, 0xc8, 0xcf, 0x31, 0x09, 0x66, 0x84, 0x56, 0xde, 0x5c, 0x40, 0xc8, 0x6a, 0xb5, - 0x68, 0xdb, 0x3a, 0x90, 0x54, 0x2a, 0x2d, 0x52, 0xa5, 0x50, 0x21, 0x52, 0x35, 0x90, 0x68, 0x9c, - 0xd0, 0xaa, 0x37, 0xd6, 0xc4, 0x4c, 0xc9, 0x80, 0x63, 0x5b, 0xf6, 0x24, 0x90, 0x97, 0x6a, 0xef, - 0xfb, 0x04, 0xbd, 0xe4, 0x11, 0x2a, 0x9e, 0xa4, 0xf2, 0x78, 0x42, 0x52, 0xda, 0x52, 0x45, 0xbd, - 0x9b, 0xf3, 0xf9, 0xfb, 0xbe, 0xf3, 0xe3, 0x99, 0x03, 0x5b, 0x1e, 0xe5, 0x57, 0x7e, 0x78, 0xc9, - 0xbc, 0xf3, 0xea, 0x78, 0x97, 0xb8, 0xc1, 0x80, 0xd4, 0xab, 0xe7, 0x84, 0xd3, 0x2b, 0x32, 0x31, - 0x83, 0xd0, 0xe7, 0x3e, 0xfa, 0x9b, 0x45, 0x9c, 0xf9, 0xe6, 0x8c, 0x68, 0x4e, 0x89, 0x95, 0x4f, - 0x2a, 0x64, 0x8f, 0x12, 0x32, 0xda, 0x87, 0x6c, 0x44, 0xc3, 0x31, 0x0d, 0x23, 0x43, 0x29, 0xa7, - 0xb6, 0xb5, 0xda, 0x96, 0xf9, 0x4b, 0xa1, 0x69, 0x09, 0x26, 0x9e, 0x2a, 0x50, 0x07, 0x72, 0x11, - 0x75, 0xa9, 0xc3, 0xfd, 0xd0, 0x50, 0x85, 0x7a, 0xe7, 0x01, 0xb5, 0x4c, 0x69, 0x5a, 0x52, 0x72, - 0xe8, 0xf1, 0x70, 0x72, 0xa0, 0x1a, 0x0a, 0xbe, 0x73, 0x41, 0xef, 0x60, 0x2d, 0xd6, 0xb9, 0x3e, - 0x39, 0xb3, 0xef, 0xac, 0x53, 0x65, 0x65, 0x5b, 0xab, 0x3d, 0x7a, 0xc0, 0xfa, 0xad, 0xd4, 0x4c, - 0xad, 0xb1, 0x7e, 0x75, 0x0f, 0x29, 0xed, 0x43, 0xe1, 0xbb, 0xc4, 0x48, 0x87, 0xd4, 0x25, 0x9d, - 0x18, 0x4a, 0x59, 0xd9, 0xce, 0xe3, 0xf8, 0x88, 0xd6, 0x61, 0x79, 0x4c, 0xdc, 0x11, 0x35, 0x54, - 0x81, 0x25, 0xc1, 0x0b, 0x75, 0x4f, 0xa9, 0xdc, 0x64, 0x20, 0x93, 0x34, 0x8f, 0xea, 0x90, 0x0e, - 0xfc, 0x90, 0x0b, 0x9d, 0x56, 0xdb, 0x7c, 0xa0, 0xa8, 0x8e, 0x1f, 0x72, 0x2c, 0xc8, 0xb1, 0xf3, - 0xc0, 0x8f, 0x78, 0x24, 0xa6, 0x94, 0xc7, 0x49, 0x80, 0x5e, 0x42, 0x8a, 0xbb, 0x91, 0x6c, 0xef, - 0xf1, 0x6f, 0xe7, 0x6e, 0x76, 0x5b, 0x56, 0x3b, 0xe0, 0xcc, 0xf7, 0x22, 0x1c, 0x0b, 0x4b, 0x9f, - 0x97, 0x01, 0x66, 0x18, 0xfa, 0x17, 0x8a, 0x03, 0xce, 0x83, 0xc8, 0x0e, 0xe9, 0x19, 0x0b, 0xa9, - 0x93, 0xd4, 0x98, 0xc3, 0x05, 0x81, 0x62, 0x09, 0xa2, 0x26, 0xa4, 0x87, 0xfe, 0x59, 0xd2, 0x64, - 0xb1, 0xf6, 0x74, 0x91, 0xb4, 0xf1, 0x31, 0xd6, 0x62, 0xe1, 0x80, 0x9e, 0x00, 0x4a, 0x6e, 0x82, - 0xed, 0xd0, 0x90, 0xb3, 0x0f, 0xcc, 0x21, 0x9c, 0x8a, 0x76, 0xf2, 0x78, 0x2d, 0xf9, 0xf2, 0x6a, - 0xf6, 0x01, 0x6d, 0x82, 0x16, 0x84, 0x6c, 0x4c, 0x38, 0xb5, 0xe3, 0xc1, 0xa7, 0x05, 0x0f, 0x24, - 0xf4, 0x86, 0x4e, 0xd0, 0x7f, 0xb0, 0xea, 0x90, 0x79, 0xaf, 0xc8, 0x58, 0x16, 0xa4, 0xa2, 0x43, - 0xe6, 0x8c, 0x22, 0xf4, 0x3f, 0xac, 0x45, 0xa3, 0xfe, 0x05, 0x75, 0xb8, 0x4d, 0x5c, 0x6e, 0x7b, - 0x64, 0x48, 0x23, 0x23, 0x23, 0x46, 0xbb, 0x2a, 0x3f, 0x34, 0x5c, 0x7e, 0x12, 0xc3, 0xe8, 0x02, - 0xd6, 0x87, 0xcc, 0xb3, 0xc5, 0xa3, 0x70, 0x7c, 0xd7, 0x8e, 0x2f, 0x2e, 0xf3, 0x3d, 0x23, 0x2b, - 0xda, 0xdf, 0x5b, 0xb4, 0xfd, 0x8e, 0xf4, 0xc1, 0x68, 0xc8, 0xbc, 0x69, 0x70, 0x9a, 0x78, 0x8a, - 0x5c, 0xe4, 0xfa, 0xc7, 0x5c, 0xb9, 0x3f, 0xce, 0x45, 0xae, 0xef, 0xe7, 0xfa, 0x07, 0x0a, 0x0e, - 0x0b, 0x06, 0x34, 0xb4, 0xa3, 0x11, 0x8b, 0x47, 0x95, 0x17, 0xfd, 0xaf, 0x24, 0xa0, 0x25, 0xb0, - 0x4a, 0x13, 0xb2, 0xf2, 0x97, 0xa1, 0x55, 0xd0, 0x3a, 0x0d, 0xcb, 0xea, 0x36, 0x71, 0xbb, 0x77, - 0xd4, 0xd4, 0x97, 0x10, 0x40, 0xc6, 0x7a, 0x7d, 0xdc, 0x69, 0x1d, 0xea, 0x4a, 0x7c, 0x3e, 0xee, - 0x75, 0x7b, 0x8d, 0x96, 0xae, 0xa2, 0x75, 0xd0, 0x1b, 0xbd, 0x6e, 0xdb, 0x9e, 0x67, 0xa7, 0x2a, - 0x6d, 0xd0, 0xe6, 0x2a, 0x42, 0x2b, 0x90, 0xeb, 0xb6, 0x2c, 0x3b, 0x26, 0xea, 0x4b, 0x48, 0x13, - 0x69, 0x4e, 0x77, 0xed, 0x1d, 0x5d, 0x99, 0x05, 0xbb, 0xba, 0x3a, 0x0b, 0x6a, 0x7a, 0x6a, 0x16, - 0xd4, 0xf5, 0x74, 0xe5, 0x04, 0xd2, 0xf1, 0x03, 0x41, 0x7f, 0x41, 0xc6, 0x1b, 0x0d, 0xfb, 0x34, - 0x14, 0xb7, 0xb5, 0x80, 0x65, 0x84, 0x4a, 0x90, 0x9b, 0xce, 0x51, 0xbe, 0xc7, 0xbb, 0x18, 0x21, - 0x48, 0xc7, 0xff, 0x5c, 0x5e, 0x35, 0x71, 0xae, 0x7c, 0x54, 0x40, 0xbf, 0xbf, 0x06, 0x50, 0x1b, - 0x32, 0x2e, 0xe9, 0x53, 0x77, 0xba, 0xdc, 0x9e, 0x2d, 0xb0, 0x43, 0xcc, 0x96, 0x50, 0x8a, 0x65, - 0x81, 0xa5, 0x0d, 0x2a, 0x82, 0xca, 0x02, 0x59, 0x8f, 0xca, 0x82, 0xd2, 0x73, 0xd0, 0xe6, 0x68, - 0x8b, 0xec, 0x94, 0x03, 0xf3, 0xcb, 0xed, 0x86, 0x72, 0x73, 0xbb, 0xa1, 0x7c, 0xbd, 0xdd, 0x50, - 0xde, 0x97, 0x93, 0xc2, 0x98, 0x5f, 0x25, 0x01, 0xab, 0xfe, 0x64, 0xbd, 0xf7, 0x33, 0xa2, 0xfd, - 0xfa, 0xb7, 0x00, 0x00, 0x00, 0xff, 0xff, 0xb7, 0x3f, 0x81, 0x66, 0xfc, 0x05, 0x00, 0x00, + // 755 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0xdd, 0x4e, 0xdb, 0x48, + 0x14, 0xc6, 0x4e, 0xc8, 0xcf, 0x31, 0x49, 0xcc, 0x08, 0xad, 0xbc, 0xb9, 0x80, 0x90, 0xd5, 0x6a, + 0xd9, 0x3f, 0x07, 0x92, 0x95, 0x96, 0x5d, 0xa4, 0x4a, 0xa1, 0x42, 0xa4, 0x6a, 0x20, 0x91, 0x9d, + 0xd0, 0xaa, 0x37, 0xd6, 0xc4, 0x1e, 0xc8, 0x80, 0x63, 0x5b, 0xf6, 0x24, 0x90, 0x97, 0x6a, 0xa5, + 0x5e, 0xf6, 0x09, 0x7a, 0xd9, 0x47, 0xa8, 0x78, 0x92, 0xca, 0xe3, 0xc9, 0x4f, 0x69, 0x4b, 0x15, + 0xf5, 0x6e, 0xce, 0x37, 0xe7, 0xfb, 0xce, 0x9c, 0x6f, 0x7c, 0xc6, 0xb0, 0xeb, 0x11, 0x76, 0xeb, + 0x87, 0x37, 0xd4, 0xbb, 0xaa, 0x4d, 0x0e, 0xb0, 0x1b, 0x0c, 0x71, 0xa3, 0x76, 0x85, 0x19, 0xb9, + 0xc5, 0x53, 0x3d, 0x08, 0x7d, 0xe6, 0xa3, 0x9f, 0x69, 0xc4, 0xa8, 0xaf, 0x2f, 0x12, 0xf5, 0x59, + 0x62, 0xf5, 0x8d, 0x0c, 0xd9, 0xd3, 0x24, 0x19, 0x1d, 0x41, 0x36, 0x22, 0xe1, 0x84, 0x84, 0x91, + 0x26, 0x55, 0x52, 0x7b, 0x4a, 0x7d, 0x57, 0xff, 0x26, 0x51, 0x37, 0x79, 0xa6, 0x31, 0x63, 0xa0, + 0x2e, 0xe4, 0x22, 0xe2, 0x12, 0x9b, 0xf9, 0xa1, 0x26, 0x73, 0xf6, 0xfe, 0x23, 0x6c, 0x51, 0x52, + 0x37, 0x05, 0xe5, 0xc4, 0x63, 0xe1, 0xf4, 0x58, 0xd6, 0x24, 0x63, 0xae, 0x82, 0x5e, 0xc2, 0x66, + 0xcc, 0x73, 0x7d, 0xec, 0x58, 0x73, 0xe9, 0x54, 0x45, 0xda, 0x53, 0xea, 0x7f, 0x3e, 0x22, 0xfd, + 0x42, 0x70, 0x66, 0xd2, 0x86, 0x7a, 0xfb, 0x00, 0x29, 0x1f, 0x41, 0xe1, 0xb3, 0xc2, 0x48, 0x85, + 0xd4, 0x0d, 0x99, 0x6a, 0x52, 0x45, 0xda, 0xcb, 0x1b, 0xf1, 0x12, 0x6d, 0xc1, 0xfa, 0x04, 0xbb, + 0x63, 0xa2, 0xc9, 0x1c, 0x4b, 0x82, 0xff, 0xe5, 0x43, 0xa9, 0xfa, 0x36, 0x0b, 0x99, 0xa4, 0x79, + 0xd4, 0x80, 0x74, 0xe0, 0x87, 0x8c, 0xf3, 0x94, 0xfa, 0xce, 0x23, 0x87, 0xea, 0xfa, 0x21, 0x33, + 0x78, 0x72, 0xac, 0x3c, 0xf4, 0x23, 0x16, 0x71, 0x97, 0xf2, 0x46, 0x12, 0xa0, 0x27, 0x90, 0x62, + 0x6e, 0x24, 0xda, 0xfb, 0xeb, 0xbb, 0xbe, 0xeb, 0xbd, 0xb6, 0xd9, 0x09, 0x18, 0xf5, 0xbd, 0xc8, + 0x88, 0x89, 0xe8, 0x77, 0x50, 0x1d, 0x72, 0x89, 0xc7, 0x2e, 0xb3, 0x88, 0xe7, 0x04, 0x3e, 0xf5, + 0x98, 0x96, 0xe6, 0x47, 0x2f, 0x09, 0xfc, 0x44, 0xc0, 0x68, 0x17, 0x36, 0x06, 0xd4, 0x73, 0x2c, + 0xec, 0x38, 0x21, 0x89, 0x22, 0x6d, 0x9d, 0xa7, 0x29, 0x31, 0xd6, 0x4c, 0x20, 0x84, 0x20, 0xed, + 0xe1, 0x11, 0xd1, 0x32, 0x7c, 0x8b, 0xaf, 0xcb, 0xef, 0xd6, 0x01, 0x16, 0x55, 0xd1, 0xaf, 0x50, + 0x1c, 0x32, 0x16, 0x44, 0x56, 0x48, 0x1c, 0x1a, 0x12, 0x3b, 0x71, 0x21, 0x67, 0x14, 0x38, 0x6a, + 0x08, 0x10, 0xb5, 0x20, 0x3d, 0xf2, 0x9d, 0xc4, 0xc6, 0x62, 0xfd, 0x9f, 0x55, 0x1a, 0x8b, 0x97, + 0x31, 0xd7, 0xe0, 0x0a, 0xe8, 0x6f, 0x40, 0xc9, 0xb7, 0x66, 0xd9, 0x24, 0x64, 0xf4, 0x92, 0xda, + 0x98, 0x11, 0x6e, 0x58, 0xde, 0xd8, 0x4c, 0x76, 0x9e, 0x2e, 0x36, 0xd0, 0x0e, 0x28, 0x41, 0x48, + 0x27, 0x98, 0x11, 0x2b, 0xbe, 0xda, 0xc4, 0x0b, 0x10, 0xd0, 0x73, 0x32, 0x45, 0xbf, 0x41, 0xc9, + 0xc6, 0xcb, 0x5a, 0x33, 0x27, 0x8a, 0x36, 0x5e, 0x12, 0x8a, 0xd0, 0x1f, 0xb0, 0x19, 0x8d, 0x07, + 0xd7, 0xc4, 0x66, 0x16, 0x76, 0x99, 0x15, 0x9b, 0x11, 0x69, 0x19, 0x7e, 0x79, 0x25, 0xb1, 0xd1, + 0x74, 0xd9, 0x79, 0x0c, 0xa3, 0x6b, 0xd8, 0x1a, 0x51, 0xcf, 0xe2, 0x63, 0x67, 0xfb, 0xae, 0x15, + 0x8f, 0x06, 0xf5, 0x3d, 0x2d, 0xcb, 0xdb, 0x3f, 0x5c, 0xb5, 0xfd, 0xae, 0xd0, 0x31, 0xd0, 0x88, + 0x7a, 0xb3, 0xe0, 0x22, 0xd1, 0xe4, 0xb5, 0xf0, 0xdd, 0x97, 0xb5, 0x72, 0x3f, 0x5c, 0x0b, 0xdf, + 0x3d, 0xac, 0xf5, 0x0b, 0x14, 0x6c, 0x1a, 0x0c, 0x49, 0x68, 0x45, 0x63, 0x1a, 0x5b, 0x95, 0xe7, + 0xfd, 0x6f, 0x24, 0xa0, 0xc9, 0xb1, 0x6a, 0x0b, 0xb2, 0xe2, 0xca, 0x50, 0x09, 0x94, 0x6e, 0xd3, + 0x34, 0x7b, 0x2d, 0xa3, 0xd3, 0x3f, 0x6d, 0xa9, 0x6b, 0x08, 0x20, 0x63, 0x3e, 0x3b, 0xeb, 0xb6, + 0x4f, 0x54, 0x29, 0x5e, 0x9f, 0xf5, 0x7b, 0xfd, 0x66, 0x5b, 0x95, 0xd1, 0x16, 0xa8, 0xcd, 0x7e, + 0xaf, 0x63, 0x2d, 0x67, 0xa7, 0xaa, 0x1d, 0x50, 0x96, 0x4e, 0x84, 0x36, 0x20, 0xd7, 0x6b, 0x9b, + 0x56, 0x9c, 0xa8, 0xae, 0x21, 0x85, 0x97, 0xb9, 0x38, 0xb0, 0xf6, 0x55, 0x69, 0x11, 0x1c, 0xa8, + 0xf2, 0x22, 0xa8, 0xab, 0xa9, 0x45, 0xd0, 0x50, 0xd3, 0xd5, 0x73, 0x48, 0xc7, 0x23, 0x88, 0x7e, + 0x82, 0x8c, 0x37, 0x1e, 0x0d, 0x48, 0xc8, 0xbf, 0xd6, 0x82, 0x21, 0x22, 0x54, 0x86, 0xdc, 0xcc, + 0x47, 0x31, 0xf1, 0xf3, 0x78, 0x3e, 0x0c, 0xa9, 0xc5, 0x30, 0x54, 0x5f, 0x4b, 0xa0, 0x3e, 0x7c, + 0x68, 0x50, 0x07, 0x32, 0x2e, 0x1e, 0x10, 0x77, 0xf6, 0x7c, 0xfe, 0xbb, 0xc2, 0x2b, 0xa5, 0xb7, + 0x39, 0x93, 0x3f, 0x47, 0x86, 0x90, 0x41, 0x45, 0x90, 0x69, 0x20, 0xce, 0x23, 0xd3, 0xa0, 0xfc, + 0x1f, 0x28, 0x4b, 0x69, 0xab, 0xbc, 0x5a, 0xc7, 0xfa, 0xfb, 0xfb, 0x6d, 0xe9, 0xc3, 0xfd, 0xb6, + 0xf4, 0xf1, 0x7e, 0x5b, 0x7a, 0x55, 0x49, 0x0e, 0x46, 0xfd, 0x1a, 0x0e, 0x68, 0xed, 0x2b, 0x3f, + 0x90, 0x41, 0x86, 0xb7, 0xdf, 0xf8, 0x14, 0x00, 0x00, 0xff, 0xff, 0xca, 0x32, 0xf5, 0x33, 0x5e, + 0x06, 0x00, 0x00, } diff --git a/networking/v1alpha3/gateway.proto b/networking/v1alpha3/gateway.proto index 0cec634b68..fbe1b4dcf3 100644 --- a/networking/v1alpha3/gateway.proto +++ b/networking/v1alpha3/gateway.proto @@ -236,10 +236,16 @@ message Gateway { // privateKey: /etc/certs/privatekey.pem // ``` message Server { + // An arbitrary name associated with this server. Used for emitting metrics. + string name = 6; + // REQUIRED: The Port on which the proxy should listen for incoming // connections Port port = 1; + // The IP address to which the listener should be bound to. + string bind_address = 5; + // REQUIRED. A list of hosts exposed by this gateway. At least one // host is required. While typically applicable to // HTTP services, it can also be used for TCP services using TLS with @@ -343,6 +349,14 @@ message Server { // these options to control if all http requests should be redirected to // https, and the TLS modes to use. TLSOptions tls = 3; + + // The IP endpoint or unix domain socket to which traffic should be + // forwarded to by default. In the context of an ingress server, this + // configuration can be used to redirect traffic arriving at the bind + // point on the sidecar to a port or unix domain socket where the + // application workload is listening for connections. Format should be + // tcp://127.0.0.1:PORT or unix:///path/to/socket + string default_endpoint = 4; } // Port describes the properties of a specific port of a service. diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index 60f47382ae..14cf58ccde 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -2822,6 +2822,14 @@

Server

+ +name +string + +

An arbitrary name associated with this server. Used for emitting metrics.

+ + + port Port @@ -2829,6 +2837,14 @@

Server

REQUIRED: The Port on which the proxy should listen for incoming connections

+ + + +bindAddress +string + +

The IP address to which the listener should be bound to.

+ @@ -2860,6 +2876,19 @@

Server

these options to control if all http requests should be redirected to https, and the TLS modes to use.

+ + + +defaultEndpoint +string + +

The IP endpoint or unix domain socket to which traffic should be +forwarded to by default. In the context of an ingress server, this +configuration can be used to redirect traffic arriving at the bind +point on the sidecar to a port or unix domain socket where the +application workload is listening for connections. Format should be +tcp://127.0.0.1:PORT or unix:///path/to/socket

+ diff --git a/proto.lock b/proto.lock index 4020d12f96..e0127b832c 100644 --- a/proto.lock +++ b/proto.lock @@ -3031,11 +3031,21 @@ { "name": "Server", "fields": [ + { + "id": 6, + "name": "name", + "type": "string" + }, { "id": 1, "name": "port", "type": "Port" }, + { + "id": 5, + "name": "bind_address", + "type": "string" + }, { "id": 2, "name": "hosts", @@ -3046,6 +3056,11 @@ "id": 3, "name": "tls", "type": "TLSOptions" + }, + { + "id": 4, + "name": "default_endpoint", + "type": "string" } ], "messages": [ diff --git a/python/istio_api/networking/v1alpha3/gateway_pb2.py b/python/istio_api/networking/v1alpha3/gateway_pb2.py index 3fae72c167..c7587d7a90 100644 --- a/python/istio_api/networking/v1alpha3/gateway_pb2.py +++ b/python/istio_api/networking/v1alpha3/gateway_pb2.py @@ -19,7 +19,7 @@ name='networking/v1alpha3/gateway.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n!networking/v1alpha3/gateway.proto\x12\x19istio.networking.v1alpha3\"\xfe\x01\n\x07Gateway\x12\x32\n\x07servers\x18\x01 \x03(\x0b\x32!.istio.networking.v1alpha3.Server\x12\x46\n\x08selector\x18\x02 \x03(\x0b\x32\x30.istio.networking.v1alpha3.Gateway.SelectorEntryB\x02\x18\x01\x12\x46\n\x11workload_selector\x18\x03 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x1a/\n\rSelectorEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xb3\x05\n\x06Server\x12-\n\x04port\x18\x01 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\r\n\x05hosts\x18\x02 \x03(\t\x12\x39\n\x03tls\x18\x03 \x01(\x0b\x32,.istio.networking.v1alpha3.Server.TLSOptions\x1a\xaf\x04\n\nTLSOptions\x12\x16\n\x0ehttps_redirect\x18\x01 \x01(\x08\x12\x42\n\x04mode\x18\x02 \x01(\x0e\x32\x34.istio.networking.v1alpha3.Server.TLSOptions.TLSmode\x12\x1a\n\x12server_certificate\x18\x03 \x01(\t\x12\x13\n\x0bprivate_key\x18\x04 \x01(\t\x12\x17\n\x0f\x63\x61_certificates\x18\x05 \x01(\t\x12\x19\n\x11subject_alt_names\x18\x06 \x03(\t\x12V\n\x14min_protocol_version\x18\x07 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12V\n\x14max_protocol_version\x18\x08 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12\x15\n\rcipher_suites\x18\t \x03(\t\"H\n\x07TLSmode\x12\x0f\n\x0bPASSTHROUGH\x10\x00\x12\n\n\x06SIMPLE\x10\x01\x12\n\n\x06MUTUAL\x10\x02\x12\x14\n\x10\x41UTO_PASSTHROUGH\x10\x03\"O\n\x0bTLSProtocol\x12\x0c\n\x08TLS_AUTO\x10\x00\x12\x0b\n\x07TLSV1_0\x10\x01\x12\x0b\n\x07TLSV1_1\x10\x02\x12\x0b\n\x07TLSV1_2\x10\x03\x12\x0b\n\x07TLSV1_3\x10\x04\"6\n\x04Port\x12\x0e\n\x06number\x18\x01 \x01(\r\x12\x10\n\x08protocol\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\t\"\x96\x01\n\x10WorkloadSelector\x12G\n\x06labels\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.WorkloadSelector.LabelsEntry\x12\n\n\x02ip\x18\x02 \x01(\t\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n!networking/v1alpha3/gateway.proto\x12\x19istio.networking.v1alpha3\"\xfe\x01\n\x07Gateway\x12\x32\n\x07servers\x18\x01 \x03(\x0b\x32!.istio.networking.v1alpha3.Server\x12\x46\n\x08selector\x18\x02 \x03(\x0b\x32\x30.istio.networking.v1alpha3.Gateway.SelectorEntryB\x02\x18\x01\x12\x46\n\x11workload_selector\x18\x03 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x1a/\n\rSelectorEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xf1\x05\n\x06Server\x12\x0c\n\x04name\x18\x06 \x01(\t\x12-\n\x04port\x18\x01 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x14\n\x0c\x62ind_address\x18\x05 \x01(\t\x12\r\n\x05hosts\x18\x02 \x03(\t\x12\x39\n\x03tls\x18\x03 \x01(\x0b\x32,.istio.networking.v1alpha3.Server.TLSOptions\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x04 \x01(\t\x1a\xaf\x04\n\nTLSOptions\x12\x16\n\x0ehttps_redirect\x18\x01 \x01(\x08\x12\x42\n\x04mode\x18\x02 \x01(\x0e\x32\x34.istio.networking.v1alpha3.Server.TLSOptions.TLSmode\x12\x1a\n\x12server_certificate\x18\x03 \x01(\t\x12\x13\n\x0bprivate_key\x18\x04 \x01(\t\x12\x17\n\x0f\x63\x61_certificates\x18\x05 \x01(\t\x12\x19\n\x11subject_alt_names\x18\x06 \x03(\t\x12V\n\x14min_protocol_version\x18\x07 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12V\n\x14max_protocol_version\x18\x08 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12\x15\n\rcipher_suites\x18\t \x03(\t\"H\n\x07TLSmode\x12\x0f\n\x0bPASSTHROUGH\x10\x00\x12\n\n\x06SIMPLE\x10\x01\x12\n\n\x06MUTUAL\x10\x02\x12\x14\n\x10\x41UTO_PASSTHROUGH\x10\x03\"O\n\x0bTLSProtocol\x12\x0c\n\x08TLS_AUTO\x10\x00\x12\x0b\n\x07TLSV1_0\x10\x01\x12\x0b\n\x07TLSV1_1\x10\x02\x12\x0b\n\x07TLSV1_2\x10\x03\x12\x0b\n\x07TLSV1_3\x10\x04\"6\n\x04Port\x12\x0e\n\x06number\x18\x01 \x01(\r\x12\x10\n\x08protocol\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\t\"\x96\x01\n\x10WorkloadSelector\x12G\n\x06labels\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.WorkloadSelector.LabelsEntry\x12\n\n\x02ip\x18\x02 \x01(\t\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') ) @@ -49,8 +49,8 @@ ], containing_type=None, options=None, - serialized_start=860, - serialized_end=932, + serialized_start=922, + serialized_end=994, ) _sym_db.RegisterEnumDescriptor(_SERVER_TLSOPTIONS_TLSMODE) @@ -83,8 +83,8 @@ ], containing_type=None, options=None, - serialized_start=934, - serialized_end=1013, + serialized_start=996, + serialized_end=1075, ) _sym_db.RegisterEnumDescriptor(_SERVER_TLSOPTIONS_TLSPROTOCOL) @@ -255,8 +255,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=454, - serialized_end=1013, + serialized_start=516, + serialized_end=1075, ) _SERVER = _descriptor.Descriptor( @@ -267,26 +267,47 @@ containing_type=None, fields=[ _descriptor.FieldDescriptor( - name='port', full_name='istio.networking.v1alpha3.Server.port', index=0, + name='name', full_name='istio.networking.v1alpha3.Server.name', index=0, + number=6, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='port', full_name='istio.networking.v1alpha3.Server.port', index=1, number=1, type=11, cpp_type=10, label=1, has_default_value=False, default_value=None, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='hosts', full_name='istio.networking.v1alpha3.Server.hosts', index=1, + name='bind_address', full_name='istio.networking.v1alpha3.Server.bind_address', index=2, + number=5, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='hosts', full_name='istio.networking.v1alpha3.Server.hosts', index=3, number=2, type=9, cpp_type=9, label=3, has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='tls', full_name='istio.networking.v1alpha3.Server.tls', index=2, + name='tls', full_name='istio.networking.v1alpha3.Server.tls', index=4, number=3, type=11, cpp_type=10, label=1, has_default_value=False, default_value=None, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='default_endpoint', full_name='istio.networking.v1alpha3.Server.default_endpoint', index=5, + number=4, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), ], extensions=[ ], @@ -300,7 +321,7 @@ oneofs=[ ], serialized_start=322, - serialized_end=1013, + serialized_end=1075, ) @@ -344,8 +365,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1015, - serialized_end=1069, + serialized_start=1077, + serialized_end=1131, ) @@ -382,8 +403,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1177, - serialized_end=1222, + serialized_start=1239, + serialized_end=1284, ) _WORKLOADSELECTOR = _descriptor.Descriptor( @@ -419,8 +440,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1072, - serialized_end=1222, + serialized_start=1134, + serialized_end=1284, ) _GATEWAY_SELECTORENTRY.containing_type = _GATEWAY From 1d8cef693242ab40bbf48f07710b901ac2526381 Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Fri, 28 Dec 2018 23:11:29 -0500 Subject: [PATCH 04/11] tweaks Signed-off-by: Shriram Rajagopalan --- mesh/v1alpha1/config.pb.go | 166 +++++++-------- mesh/v1alpha1/config.proto | 11 +- mesh/v1alpha1/istio.mesh.v1alpha1.pb.html | 24 +-- networking/v1alpha3/gateway.pb.go | 148 +++++--------- networking/v1alpha3/gateway.proto | 7 +- .../istio.networking.v1alpha3.pb.html | 99 ++++----- networking/v1alpha3/sidecar.pb.go | 192 ++++++++++++------ networking/v1alpha3/sidecar.proto | 70 ++++--- proto.lock | 25 +-- python/istio_api/mesh/v1alpha1/config_pb2.py | 10 +- .../networking/v1alpha3/gateway_pb2.py | 15 +- .../networking/v1alpha3/sidecar_pb2.py | 36 ++-- 12 files changed, 404 insertions(+), 399 deletions(-) diff --git a/mesh/v1alpha1/config.pb.go b/mesh/v1alpha1/config.pb.go index 0648b45242..9bd1306822 100644 --- a/mesh/v1alpha1/config.pb.go +++ b/mesh/v1alpha1/config.pb.go @@ -23,7 +23,7 @@ import proto "github.com/gogo/protobuf/proto" import fmt "fmt" import math "math" import google_protobuf "github.com/gogo/protobuf/types" -import istio_networking_v1alpha32 "istio.io/api/networking/v1alpha3" +import istio_networking_v1alpha33 "istio.io/api/networking/v1alpha3" import io "io" @@ -130,7 +130,7 @@ const ( MeshConfig_OutboundTrafficPolicy_REGISTRY_ONLY MeshConfig_OutboundTrafficPolicy_Mode = 0 // outbound traffic to unknown destinations will be allowed MeshConfig_OutboundTrafficPolicy_ALLOW_ANY MeshConfig_OutboundTrafficPolicy_Mode = 1 - // not implemented. outbound traffic will be restricted to destinations defined in VirtualServices only + // outbound traffic will be restricted to destinations defined in VirtualServices only MeshConfig_OutboundTrafficPolicy_VIRTUAL_SERVICE_ONLY MeshConfig_OutboundTrafficPolicy_Mode = 2 ) @@ -189,7 +189,7 @@ type MeshConfig struct { // Connection timeout used by Envoy. (MUST BE >=1ms) ConnectTimeout *google_protobuf.Duration `protobuf:"bytes,6,opt,name=connect_timeout,json=connectTimeout" json:"connect_timeout,omitempty"` // If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. - TcpKeepalive *istio_networking_v1alpha32.ConnectionPoolSettings_TCPSettings_TcpKeepalive `protobuf:"bytes,28,opt,name=tcp_keepalive,json=tcpKeepalive" json:"tcp_keepalive,omitempty"` + TcpKeepalive *istio_networking_v1alpha33.ConnectionPoolSettings_TCPSettings_TcpKeepalive `protobuf:"bytes,28,opt,name=tcp_keepalive,json=tcpKeepalive" json:"tcp_keepalive,omitempty"` // Class of ingress resources to be processed by Istio ingress // controller. This corresponds to the value of // "kubernetes.io/ingress.class" annotation. @@ -254,7 +254,7 @@ type MeshConfig struct { // and pass to sds server, which will be used to request key/cert eventually. // If both enable_sds_token_mount and sds_use_k8s_sa_jwt are set to true, enable_sds_token_mount(trustworthy jwt) takes precedence. // This isn't supported for non-k8s case. - SdsUseK8SSaJwt bool `protobuf:"varint,30,opt,name=sds_use_k8s_sa_jwt,json=sdsUseK8sSaJwt,proto3" json:"sds_use_k8s_sa_jwt,omitempty"` + SdsUseK8SSaJwt bool `protobuf:"varint,29,opt,name=sds_use_k8s_sa_jwt,json=sdsUseK8sSaJwt,proto3" json:"sds_use_k8s_sa_jwt,omitempty"` // The trust domain corresponds to the trust root of a system. // Refer to https://github.com/spiffe/spiffe/blob/master/standards/SPIFFE-ID.md#21-trust-domain // Fallback to old identity format(without trust domain) if not set. @@ -315,7 +315,7 @@ func (m *MeshConfig) GetConnectTimeout() *google_protobuf.Duration { return nil } -func (m *MeshConfig) GetTcpKeepalive() *istio_networking_v1alpha32.ConnectionPoolSettings_TCPSettings_TcpKeepalive { +func (m *MeshConfig) GetTcpKeepalive() *istio_networking_v1alpha33.ConnectionPoolSettings_TCPSettings_TcpKeepalive { if m != nil { return m.TcpKeepalive } @@ -455,6 +455,7 @@ func (m *MeshConfig) GetTrustDomain() string { return "" } +// $hide_from_docs type MeshConfig_OutboundTrafficPolicy struct { Mode MeshConfig_OutboundTrafficPolicy_Mode `protobuf:"varint,1,opt,name=mode,proto3,enum=istio.mesh.v1alpha1.MeshConfig_OutboundTrafficPolicy_Mode" json:"mode,omitempty"` } @@ -484,7 +485,7 @@ type ConfigSource struct { // Use the tls_settings to specify the tls mode to use. If the MCP server // uses Istio MTLS and shares the root CA with Pilot, specify the TLS // mode as ISTIO_MUTUAL. - TlsSettings *istio_networking_v1alpha32.TLSSettings `protobuf:"bytes,2,opt,name=tls_settings,json=tlsSettings" json:"tls_settings,omitempty"` + TlsSettings *istio_networking_v1alpha33.TLSSettings `protobuf:"bytes,2,opt,name=tls_settings,json=tlsSettings" json:"tls_settings,omitempty"` } func (m *ConfigSource) Reset() { *m = ConfigSource{} } @@ -499,7 +500,7 @@ func (m *ConfigSource) GetAddress() string { return "" } -func (m *ConfigSource) GetTlsSettings() *istio_networking_v1alpha32.TLSSettings { +func (m *ConfigSource) GetTlsSettings() *istio_networking_v1alpha33.TLSSettings { if m != nil { return m.TlsSettings } @@ -756,7 +757,7 @@ func (m *MeshConfig) MarshalTo(dAtA []byte) (int, error) { i += n6 } if m.SdsUseK8SSaJwt { - dAtA[i] = 0xf0 + dAtA[i] = 0xe8 i++ dAtA[i] = 0x1 i++ @@ -1685,13 +1686,13 @@ func (m *MeshConfig) Unmarshal(dAtA []byte) error { return io.ErrUnexpectedEOF } if m.TcpKeepalive == nil { - m.TcpKeepalive = &istio_networking_v1alpha32.ConnectionPoolSettings_TCPSettings_TcpKeepalive{} + m.TcpKeepalive = &istio_networking_v1alpha33.ConnectionPoolSettings_TCPSettings_TcpKeepalive{} } if err := m.TcpKeepalive.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } iNdEx = postIndex - case 30: + case 29: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field SdsUseK8SSaJwt", wireType) } @@ -1886,7 +1887,7 @@ func (m *ConfigSource) Unmarshal(dAtA []byte) error { return io.ErrUnexpectedEOF } if m.TlsSettings == nil { - m.TlsSettings = &istio_networking_v1alpha32.TLSSettings{} + m.TlsSettings = &istio_networking_v1alpha33.TLSSettings{} } if err := m.TlsSettings.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err @@ -2021,78 +2022,77 @@ var ( func init() { proto.RegisterFile("mesh/v1alpha1/config.proto", fileDescriptorConfig) } var fileDescriptorConfig = []byte{ - // 1153 bytes of a gzipped FileDescriptorProto + // 1147 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0xdb, 0x36, - 0x14, 0x8e, 0x52, 0xb7, 0x71, 0xe9, 0x3f, 0x99, 0xa9, 0x5b, 0xd6, 0xed, 0x32, 0x37, 0xc3, 0x5a, - 0x23, 0x18, 0x6c, 0x34, 0xc1, 0x80, 0x6e, 0x77, 0xa9, 0xe3, 0xb4, 0x4e, 0x9d, 0x38, 0x90, 0x94, + 0x14, 0x8e, 0xd2, 0xb4, 0x49, 0xe9, 0x3f, 0x99, 0xa9, 0x5b, 0xd6, 0xed, 0x32, 0x37, 0xc3, 0x5a, + 0x23, 0x18, 0x64, 0x34, 0xc1, 0x80, 0x6e, 0x77, 0xa9, 0xe3, 0xb4, 0x4e, 0x9d, 0x38, 0x90, 0x94, 0x6e, 0xdd, 0x0d, 0xa1, 0x48, 0xb4, 0xcd, 0x45, 0x16, 0x35, 0x91, 0xea, 0xcf, 0xb3, 0xed, 0x05, - 0x76, 0xb9, 0x9b, 0xdd, 0x0f, 0x7d, 0x92, 0x81, 0x87, 0x52, 0xe3, 0xb4, 0xc6, 0x32, 0xec, 0xce, - 0xfc, 0xce, 0x77, 0xce, 0x21, 0xbf, 0xf3, 0x23, 0xa3, 0xf6, 0x82, 0xc9, 0x79, 0xff, 0xed, 0x53, - 0x3f, 0x4a, 0xe6, 0xfe, 0xd3, 0x7e, 0x20, 0xe2, 0x29, 0x9f, 0xf5, 0x92, 0x54, 0x28, 0x81, 0x37, - 0xb9, 0x54, 0x5c, 0xf4, 0x34, 0xa3, 0x57, 0x30, 0xda, 0x5b, 0x33, 0x21, 0x66, 0x11, 0xeb, 0x03, - 0xe5, 0x3c, 0x9b, 0xf6, 0xc3, 0x2c, 0xf5, 0x15, 0x17, 0xb1, 0x71, 0x6a, 0xdf, 0xbf, 0x1a, 0x30, - 0x49, 0xc5, 0xfb, 0x0f, 0xb9, 0x69, 0x27, 0x66, 0xea, 0x9d, 0x48, 0x2f, 0x78, 0x3c, 0x2b, 0x08, - 0x7b, 0xfd, 0x90, 0x49, 0xc5, 0x63, 0x88, 0x40, 0xd3, 0x2c, 0x62, 0x86, 0xbb, 0xfd, 0x57, 0x03, - 0xa1, 0x63, 0x26, 0xe7, 0x03, 0xb8, 0x10, 0xfe, 0x0e, 0xe1, 0x05, 0x7f, 0xcf, 0x52, 0x1a, 0xcc, - 0x59, 0x70, 0x41, 0x25, 0x4b, 0xdf, 0xb2, 0x94, 0x58, 0x1d, 0xab, 0x7b, 0xdb, 0xb1, 0xc1, 0x32, - 0xd0, 0x06, 0x17, 0x70, 0xdc, 0x43, 0x9b, 0x86, 0x9d, 0xb2, 0x44, 0xa4, 0xaa, 0xa0, 0xaf, 0x03, - 0xbd, 0x09, 0x26, 0x07, 0x2c, 0x39, 0x7f, 0x17, 0xb5, 0x42, 0x2e, 0xfd, 0xf3, 0x88, 0xd1, 0x44, - 0x44, 0x3c, 0xf8, 0x60, 0xd2, 0x48, 0x72, 0xa3, 0x63, 0x75, 0xcb, 0xce, 0x66, 0x6e, 0x3c, 0x05, - 0x1b, 0x24, 0x92, 0x78, 0x07, 0x35, 0xe1, 0x6d, 0x34, 0xe2, 0x52, 0xb1, 0x98, 0xea, 0x70, 0xa4, - 0xd4, 0xb1, 0xba, 0x37, 0x9d, 0x06, 0x18, 0xc6, 0x80, 0x9f, 0x8a, 0x54, 0xe1, 0xc7, 0xc8, 0x40, - 0x74, 0xae, 0x54, 0x62, 0x98, 0x37, 0x81, 0x59, 0x03, 0xf8, 0xa5, 0x52, 0x09, 0xf0, 0x9e, 0xa3, - 0x46, 0x20, 0xe2, 0x98, 0x05, 0x8a, 0x2a, 0xbe, 0x60, 0x22, 0x53, 0xe4, 0x56, 0xc7, 0xea, 0x56, - 0x76, 0xef, 0xf7, 0x8c, 0xea, 0xbd, 0x42, 0xf5, 0xde, 0x41, 0xae, 0xba, 0x53, 0xcf, 0x3d, 0x3c, - 0xe3, 0x80, 0xbf, 0x41, 0x35, 0x1e, 0xcf, 0x52, 0x26, 0x25, 0x0d, 0x22, 0x5f, 0x4a, 0xb2, 0x01, - 0xaf, 0xae, 0xe6, 0xe0, 0x40, 0x63, 0xf8, 0x09, 0x6a, 0x14, 0x24, 0xad, 0x0d, 0x0f, 0x18, 0x29, - 0x03, 0xad, 0x9e, 0xc3, 0xae, 0x41, 0xf1, 0x02, 0xdd, 0xfb, 0x14, 0x4d, 0xc4, 0x2a, 0x15, 0x51, - 0xc4, 0x52, 0xba, 0x10, 0x21, 0x23, 0xb7, 0x3b, 0x56, 0xb7, 0xbe, 0xfb, 0x7d, 0x6f, 0x45, 0x93, - 0xf4, 0x2e, 0x2b, 0xd7, 0x1b, 0xe5, 0x79, 0x3f, 0x79, 0x1f, 0x8b, 0x90, 0x39, 0x2d, 0xbe, 0x0a, - 0xc6, 0x13, 0x54, 0xf1, 0x33, 0x35, 0xcf, 0xab, 0x40, 0x10, 0xa4, 0xd8, 0xb9, 0x2e, 0xc5, 0x7e, - 0xa6, 0xe6, 0xa6, 0x36, 0xcf, 0xd7, 0x89, 0xe5, 0x20, 0xff, 0xd3, 0x19, 0x8f, 0x50, 0x33, 0x0d, - 0x25, 0x4d, 0xd9, 0x34, 0x65, 0x72, 0x4e, 0x43, 0x16, 0xf9, 0x1f, 0x48, 0xe5, 0x1a, 0x4d, 0x21, - 0x4a, 0x23, 0x0d, 0xa5, 0x63, 0xdc, 0x0e, 0xb4, 0x17, 0xfe, 0x16, 0xd5, 0x59, 0x0c, 0x3d, 0xa2, - 0x52, 0x3f, 0xe0, 0xf1, 0x8c, 0x54, 0xa1, 0x3b, 0x6a, 0x06, 0xf5, 0x0c, 0xa8, 0x6b, 0xed, 0x07, - 0x81, 0x16, 0x2c, 0x12, 0x33, 0x3a, 0xe5, 0x11, 0x23, 0x35, 0x90, 0xb6, 0x66, 0xe0, 0xb1, 0x98, - 0x1d, 0xf2, 0x88, 0xe1, 0x17, 0xa8, 0x1e, 0xb2, 0xa9, 0x9f, 0x45, 0x8a, 0x9a, 0xa1, 0x23, 0x75, - 0xb8, 0x56, 0x67, 0xe5, 0x6b, 0x4f, 0x75, 0x9f, 0x98, 0xe7, 0x3a, 0xb5, 0xdc, 0x2f, 0x1f, 0x8d, - 0x27, 0xa8, 0x66, 0x9a, 0xdd, 0x0f, 0x43, 0x2d, 0x29, 0xb1, 0x75, 0x3a, 0x78, 0x43, 0x15, 0x0c, - 0xfb, 0x06, 0xc7, 0xbf, 0xa1, 0x7b, 0x22, 0x53, 0xe7, 0x22, 0x8b, 0x43, 0xfd, 0x84, 0xe9, 0x94, - 0x07, 0x85, 0xd0, 0x4d, 0x48, 0x7d, 0x6d, 0x2d, 0x27, 0xb9, 0xbb, 0x67, 0xbc, 0x97, 0x34, 0x6f, - 0x89, 0x55, 0x26, 0x7c, 0x80, 0xbe, 0xce, 0x35, 0x0b, 0x22, 0xce, 0x62, 0x45, 0x25, 0x0f, 0xaf, - 0xce, 0x18, 0xd9, 0x04, 0x11, 0x1f, 0x18, 0xda, 0x00, 0x58, 0x2e, 0x0f, 0x97, 0x67, 0x0d, 0x77, - 0x50, 0x55, 0x86, 0x92, 0x66, 0xa1, 0xa4, 0x89, 0xaf, 0xe6, 0xe4, 0x0e, 0xe8, 0x89, 0x64, 0x28, - 0xcf, 0x42, 0x79, 0xea, 0xab, 0xb9, 0x2e, 0xb3, 0xfc, 0xa2, 0xcc, 0xad, 0xff, 0x54, 0x66, 0xf9, - 0x59, 0x99, 0x5f, 0xa2, 0xba, 0xa9, 0x07, 0x95, 0x22, 0x4b, 0x03, 0x26, 0xc9, 0xdd, 0xce, 0x8d, - 0x6e, 0x65, 0xf7, 0xd1, 0x4a, 0x71, 0x8c, 0x30, 0x2e, 0x30, 0x9d, 0x5a, 0xb0, 0x74, 0x92, 0x78, - 0x0f, 0xdd, 0xcd, 0x1f, 0xaf, 0xef, 0xa6, 0xc4, 0x05, 0x8b, 0xe9, 0x42, 0x64, 0xb1, 0x22, 0xf7, - 0xcc, 0x5a, 0x31, 0x56, 0x37, 0x94, 0x9e, 0xb6, 0x1d, 0x6b, 0x93, 0x5e, 0x2b, 0xcb, 0xed, 0x23, - 0xd2, 0x85, 0xaf, 0x08, 0x81, 0x07, 0x37, 0x2e, 0x1b, 0x08, 0x60, 0x9d, 0x60, 0x59, 0x4a, 0x3a, - 0xf5, 0x79, 0x44, 0x45, 0xc2, 0x62, 0x72, 0xdf, 0x24, 0x48, 0x2e, 0x45, 0x3c, 0xf4, 0x79, 0x34, - 0x49, 0x58, 0x8c, 0x1f, 0xa1, 0xaa, 0x4a, 0x33, 0xa9, 0x68, 0x28, 0x16, 0x3e, 0x8f, 0x49, 0x1b, - 0x62, 0x57, 0x00, 0x3b, 0x00, 0x08, 0xfb, 0x68, 0x73, 0xe9, 0x0e, 0x2c, 0x0e, 0x44, 0xa8, 0xdb, - 0xfd, 0x01, 0x4c, 0xe3, 0xd3, 0x6b, 0xa7, 0xb1, 0xb8, 0xe5, 0x30, 0x77, 0x74, 0x9a, 0xfe, 0xe7, - 0x10, 0x16, 0xa8, 0xa6, 0x82, 0x84, 0x5e, 0x30, 0x96, 0xf8, 0x11, 0x7f, 0xcb, 0xc8, 0x43, 0x28, - 0xd6, 0x51, 0x1e, 0xfc, 0xf2, 0x43, 0x51, 0xa4, 0xd8, 0xd3, 0x52, 0xeb, 0x3d, 0xc7, 0x45, 0x7c, - 0x2a, 0x44, 0xe4, 0x32, 0xa5, 0x78, 0x3c, 0x93, 0x3d, 0x6f, 0x70, 0x7a, 0xf9, 0x3b, 0x48, 0x5e, - 0x15, 0x11, 0x9d, 0xaa, 0x5a, 0x3a, 0xe1, 0x1d, 0x84, 0xa1, 0x87, 0x24, 0xa3, 0x17, 0xcf, 0x24, - 0x95, 0x3e, 0xfd, 0xf5, 0x9d, 0x22, 0x5b, 0xa0, 0x53, 0x5d, 0x77, 0x92, 0x64, 0xaf, 0x9e, 0x49, - 0xd7, 0x3f, 0x7a, 0xa7, 0xda, 0xbf, 0x5b, 0xa8, 0xb5, 0xb2, 0xd5, 0xb1, 0x83, 0x4a, 0xb0, 0xfb, - 0x2c, 0x90, 0xe2, 0xc7, 0xff, 0x35, 0x2f, 0x3d, 0xbd, 0xe9, 0xa0, 0xf7, 0x20, 0xd6, 0xf6, 0x09, - 0x2a, 0xc1, 0xee, 0x6b, 0xa1, 0x9a, 0x33, 0x7c, 0x31, 0x72, 0x3d, 0xe7, 0x0d, 0x9d, 0x9c, 0x8c, - 0xdf, 0xd8, 0x6b, 0xed, 0xf5, 0xb2, 0x85, 0x9b, 0xe8, 0xf6, 0xfe, 0x78, 0x3c, 0xf9, 0x89, 0xee, - 0x9f, 0xbc, 0xb1, 0x2d, 0x80, 0x1e, 0xa2, 0x3b, 0xaf, 0x47, 0x8e, 0x77, 0xb6, 0x3f, 0xa6, 0xee, - 0xd0, 0x79, 0x3d, 0x1a, 0x0c, 0x8d, 0xc3, 0xba, 0xb6, 0x6e, 0xff, 0x80, 0x5a, 0x2b, 0x77, 0x2e, - 0xde, 0x40, 0x37, 0x26, 0x87, 0x87, 0xf6, 0x1a, 0xae, 0xa0, 0x8d, 0x83, 0xe1, 0xe1, 0xfe, 0xd9, - 0xd8, 0xb3, 0x2d, 0x8c, 0xd0, 0x2d, 0xd7, 0x73, 0x46, 0x03, 0xcf, 0x5e, 0xdf, 0x7e, 0x8c, 0xd0, - 0xe5, 0x2e, 0xc5, 0x65, 0x54, 0x3a, 0x99, 0x9c, 0x0c, 0xed, 0x35, 0x5c, 0x47, 0xe8, 0xf8, 0x0c, - 0xf2, 0x79, 0x63, 0xd7, 0xb6, 0xb6, 0x9f, 0xa0, 0xe6, 0x17, 0x55, 0xd6, 0x74, 0x6f, 0xf8, 0xb3, - 0x67, 0xaf, 0xe9, 0x5f, 0x47, 0xee, 0xe4, 0xc4, 0xb6, 0x8e, 0x4a, 0xe5, 0x86, 0x6d, 0x1f, 0x95, - 0xca, 0xd8, 0xde, 0x3c, 0x2a, 0x95, 0xbf, 0xb2, 0xb7, 0xb6, 0x25, 0xaa, 0x2e, 0xcf, 0x0c, 0x26, - 0x68, 0xa3, 0xd8, 0x5b, 0xe6, 0x6b, 0x5e, 0x1c, 0xf1, 0x08, 0x55, 0x55, 0xa4, 0xbf, 0x4f, 0xa6, - 0xb8, 0xf0, 0xf5, 0xae, 0xec, 0x3e, 0xfe, 0x97, 0x0e, 0xf1, 0xc6, 0x6e, 0xd1, 0x0a, 0x4e, 0x45, - 0x45, 0xb2, 0x38, 0x3c, 0xef, 0xfe, 0xf1, 0x71, 0xcb, 0xfa, 0xf3, 0xe3, 0x96, 0xf5, 0xf7, 0xc7, - 0x2d, 0xeb, 0x97, 0xb6, 0x89, 0xc0, 0x45, 0xdf, 0x4f, 0x78, 0xff, 0xca, 0xdf, 0x95, 0xf3, 0x5b, - 0xb0, 0x25, 0xf6, 0xfe, 0x09, 0x00, 0x00, 0xff, 0xff, 0xa1, 0x7b, 0x7f, 0xde, 0x17, 0x09, 0x00, - 0x00, + 0x76, 0xb7, 0x3d, 0xc2, 0xd0, 0x27, 0x19, 0x78, 0x28, 0x35, 0x4e, 0x6b, 0x2c, 0xc3, 0xee, 0xcc, + 0xef, 0x7c, 0xe7, 0x1c, 0xf2, 0x3b, 0x3f, 0x32, 0x6a, 0xcf, 0x99, 0x9c, 0xf5, 0xde, 0x3e, 0x0d, + 0xe2, 0x74, 0x16, 0x3c, 0xed, 0x85, 0x22, 0x99, 0xf0, 0xa9, 0x93, 0x66, 0x42, 0x09, 0xbc, 0xc9, + 0xa5, 0xe2, 0xc2, 0xd1, 0x0c, 0xa7, 0x64, 0xb4, 0xb7, 0xa6, 0x42, 0x4c, 0x63, 0xd6, 0x03, 0xca, + 0x79, 0x3e, 0xe9, 0x45, 0x79, 0x16, 0x28, 0x2e, 0x12, 0xe3, 0xd4, 0xbe, 0x7f, 0x35, 0x60, 0x9a, + 0x89, 0xf7, 0x1f, 0x0a, 0xd3, 0x4e, 0xc2, 0xd4, 0x3b, 0x91, 0x5d, 0xf0, 0x64, 0x5a, 0x12, 0xf6, + 0x7a, 0x11, 0x93, 0x8a, 0x27, 0x10, 0x81, 0x66, 0x79, 0xcc, 0x0c, 0x77, 0xfb, 0xcf, 0x06, 0x42, + 0xc7, 0x4c, 0xce, 0xfa, 0x70, 0x21, 0xfc, 0x1d, 0xc2, 0x73, 0xfe, 0x9e, 0x65, 0x34, 0x9c, 0xb1, + 0xf0, 0x82, 0x4a, 0x96, 0xbd, 0x65, 0x19, 0xb1, 0x3a, 0x56, 0xf7, 0xb6, 0x6b, 0x83, 0xa5, 0xaf, + 0x0d, 0x1e, 0xe0, 0xd8, 0x41, 0x9b, 0x86, 0x9d, 0xb1, 0x54, 0x64, 0xaa, 0xa4, 0xaf, 0x02, 0xbd, + 0x09, 0x26, 0x17, 0x2c, 0x05, 0x7f, 0x17, 0xb5, 0x22, 0x2e, 0x83, 0xf3, 0x98, 0xd1, 0x54, 0xc4, + 0x3c, 0xfc, 0x60, 0xd2, 0x48, 0x72, 0xa3, 0x63, 0x75, 0x37, 0xdc, 0xcd, 0xc2, 0x78, 0x0a, 0x36, + 0x48, 0x24, 0xf1, 0x0e, 0x6a, 0xc2, 0xdb, 0x68, 0xcc, 0xa5, 0x62, 0x09, 0xd5, 0xe1, 0xc8, 0x5a, + 0xc7, 0xea, 0xde, 0x74, 0x1b, 0x60, 0x18, 0x01, 0x7e, 0x2a, 0x32, 0x85, 0x1f, 0x23, 0x03, 0xd1, + 0x99, 0x52, 0xa9, 0x61, 0xde, 0x04, 0x66, 0x0d, 0xe0, 0x97, 0x4a, 0xa5, 0xc0, 0x7b, 0x8e, 0x1a, + 0xa1, 0x48, 0x12, 0x16, 0x2a, 0xaa, 0xf8, 0x9c, 0x89, 0x5c, 0x91, 0x5b, 0x1d, 0xab, 0x5b, 0xd9, + 0xbd, 0xef, 0x18, 0xd5, 0x9d, 0x52, 0x75, 0xe7, 0xa0, 0x50, 0xdd, 0xad, 0x17, 0x1e, 0xbe, 0x71, + 0xc0, 0xdf, 0xa0, 0x1a, 0x4f, 0xa6, 0x19, 0x93, 0x92, 0x86, 0x71, 0x20, 0x25, 0x59, 0x87, 0x57, + 0x57, 0x0b, 0xb0, 0xaf, 0x31, 0xfc, 0x04, 0x35, 0x4a, 0x92, 0xd6, 0x86, 0x87, 0x8c, 0x6c, 0x00, + 0xad, 0x5e, 0xc0, 0x9e, 0x41, 0xf1, 0x1c, 0xdd, 0xfb, 0x14, 0x4d, 0x24, 0x2a, 0x13, 0x71, 0xcc, + 0x32, 0x3a, 0x17, 0x11, 0x23, 0xb7, 0x3b, 0x56, 0xb7, 0xbe, 0xfb, 0xbd, 0xb3, 0xa4, 0x49, 0x9c, + 0xcb, 0xca, 0x39, 0xc3, 0x22, 0xef, 0x27, 0xef, 0x63, 0x11, 0x31, 0xb7, 0xc5, 0x97, 0xc1, 0x78, + 0x8c, 0x2a, 0x41, 0xae, 0x66, 0x45, 0x15, 0x08, 0x82, 0x14, 0x3b, 0xd7, 0xa5, 0xd8, 0xcf, 0xd5, + 0xcc, 0xd4, 0xe6, 0xf9, 0x2a, 0xb1, 0x5c, 0x14, 0x7c, 0x3a, 0xe3, 0x21, 0x6a, 0x66, 0x91, 0xa4, + 0x19, 0x9b, 0x64, 0x4c, 0xce, 0x68, 0xc4, 0xe2, 0xe0, 0x03, 0xa9, 0x5c, 0xa3, 0x29, 0x44, 0x69, + 0x64, 0x91, 0x74, 0x8d, 0xdb, 0x81, 0xf6, 0xc2, 0xdf, 0xa2, 0x3a, 0x4b, 0xa0, 0x47, 0x54, 0x16, + 0x84, 0x3c, 0x99, 0x92, 0x2a, 0x74, 0x47, 0xcd, 0xa0, 0xbe, 0x01, 0x75, 0xad, 0x83, 0x30, 0xd4, + 0x82, 0xc5, 0x62, 0x4a, 0x27, 0x3c, 0x66, 0xa4, 0x06, 0xd2, 0xd6, 0x0c, 0x3c, 0x12, 0xd3, 0x43, + 0x1e, 0x33, 0xfc, 0x02, 0xd5, 0x23, 0x36, 0x09, 0xf2, 0x58, 0x51, 0x33, 0x74, 0xa4, 0x0e, 0xd7, + 0xea, 0x2c, 0x7d, 0xed, 0xa9, 0xee, 0x13, 0xf3, 0x5c, 0xb7, 0x56, 0xf8, 0x15, 0xa3, 0xf1, 0x04, + 0xd5, 0x4c, 0xb3, 0x07, 0x51, 0xa4, 0x25, 0x25, 0xb6, 0x4e, 0x07, 0x6f, 0xa8, 0x82, 0x61, 0xdf, + 0xe0, 0xf8, 0x37, 0x74, 0x4f, 0xe4, 0xea, 0x5c, 0xe4, 0x49, 0xa4, 0x9f, 0x30, 0x99, 0xf0, 0xb0, + 0x14, 0xba, 0x09, 0xa9, 0xaf, 0xad, 0xe5, 0xb8, 0x70, 0xf7, 0x8d, 0xf7, 0x82, 0xe6, 0x2d, 0xb1, + 0xcc, 0x84, 0x0f, 0xd0, 0xd7, 0x85, 0x66, 0x61, 0xcc, 0x59, 0xa2, 0xa8, 0xe4, 0xd1, 0xd5, 0x19, + 0x23, 0x9b, 0x20, 0xe2, 0x03, 0x43, 0xeb, 0x03, 0xcb, 0xe3, 0xd1, 0xe2, 0xac, 0xe1, 0x0e, 0xaa, + 0xca, 0x48, 0xd2, 0x3c, 0x92, 0x34, 0x0d, 0xd4, 0x8c, 0xdc, 0x01, 0x3d, 0x91, 0x8c, 0xe4, 0x59, + 0x24, 0x4f, 0x03, 0x35, 0xd3, 0x65, 0x96, 0x5f, 0x94, 0xb9, 0xf5, 0x9f, 0xca, 0x2c, 0x3f, 0x2b, + 0xf3, 0x4b, 0x54, 0x37, 0xf5, 0xa0, 0x52, 0xe4, 0x59, 0xc8, 0x24, 0xb9, 0xdb, 0xb9, 0xd1, 0xad, + 0xec, 0x3e, 0x5a, 0x2a, 0x8e, 0x11, 0xc6, 0x03, 0xa6, 0x5b, 0x0b, 0x17, 0x4e, 0x12, 0xef, 0xa1, + 0xbb, 0xc5, 0xe3, 0xf5, 0xdd, 0x94, 0xb8, 0x60, 0x09, 0x9d, 0x8b, 0x3c, 0x51, 0xe4, 0x9e, 0x59, + 0x2b, 0xc6, 0xea, 0x45, 0xd2, 0xd7, 0xb6, 0x63, 0x6d, 0xd2, 0x6b, 0x65, 0xb1, 0x7d, 0x44, 0x36, + 0x0f, 0x14, 0x21, 0xf0, 0xe0, 0xc6, 0x65, 0x03, 0x01, 0xac, 0x13, 0x2c, 0x4a, 0x49, 0x27, 0x01, + 0x8f, 0xa9, 0x48, 0x59, 0x42, 0xee, 0x9b, 0x04, 0xe9, 0xa5, 0x88, 0x87, 0x01, 0x8f, 0xc7, 0x29, + 0x4b, 0xf0, 0x23, 0x54, 0x55, 0x59, 0x2e, 0x15, 0x8d, 0xc4, 0x3c, 0xe0, 0x09, 0x69, 0x43, 0xec, + 0x0a, 0x60, 0x07, 0x00, 0xe1, 0x00, 0x6d, 0x2e, 0xdc, 0x81, 0x25, 0xa1, 0x88, 0x74, 0xbb, 0x3f, + 0x80, 0x69, 0x7c, 0x7a, 0xed, 0x34, 0x96, 0xb7, 0x1c, 0x14, 0x8e, 0x6e, 0x33, 0xf8, 0x1c, 0xc2, + 0x02, 0xd5, 0x54, 0x98, 0xd2, 0x0b, 0xc6, 0xd2, 0x20, 0xe6, 0x6f, 0x19, 0x79, 0x08, 0xc5, 0x3a, + 0x2a, 0x82, 0x5f, 0x7e, 0x28, 0xca, 0x14, 0x7b, 0x5a, 0x6a, 0xbd, 0xe7, 0xb8, 0x48, 0x4e, 0x85, + 0x88, 0x3d, 0xa6, 0x14, 0x4f, 0xa6, 0xd2, 0xf1, 0xfb, 0xa7, 0x97, 0xbf, 0xc3, 0xf4, 0x55, 0x19, + 0xd1, 0xad, 0xaa, 0x85, 0x13, 0xde, 0x41, 0x18, 0x7a, 0x48, 0x32, 0x7a, 0xf1, 0x4c, 0x52, 0x19, + 0xd0, 0x5f, 0xdf, 0x29, 0xf2, 0x15, 0xe8, 0x54, 0xd7, 0x9d, 0x24, 0xd9, 0xab, 0x67, 0xd2, 0x0b, + 0x8e, 0xde, 0xa9, 0xf6, 0xef, 0x16, 0x6a, 0x2d, 0x6d, 0x75, 0xec, 0xa2, 0x35, 0xd8, 0x7d, 0x16, + 0x48, 0xf1, 0xe3, 0xff, 0x9a, 0x17, 0x47, 0x6f, 0x3a, 0xe8, 0x3d, 0x88, 0xb5, 0x7d, 0x82, 0xd6, + 0x60, 0xf7, 0xb5, 0x50, 0xcd, 0x1d, 0xbc, 0x18, 0x7a, 0xbe, 0xfb, 0x86, 0x8e, 0x4f, 0x46, 0x6f, + 0xec, 0x95, 0xf6, 0xea, 0x86, 0x85, 0x9b, 0xe8, 0xf6, 0xfe, 0x68, 0x34, 0xfe, 0x89, 0xee, 0x9f, + 0xbc, 0xb1, 0x2d, 0x80, 0x1e, 0xa2, 0x3b, 0xaf, 0x87, 0xae, 0x7f, 0xb6, 0x3f, 0xa2, 0xde, 0xc0, + 0x7d, 0x3d, 0xec, 0x0f, 0x8c, 0xc3, 0xaa, 0xb6, 0x6e, 0xff, 0x80, 0x5a, 0x4b, 0x77, 0x2e, 0x5e, + 0x47, 0x37, 0xc6, 0x87, 0x87, 0xf6, 0x0a, 0xae, 0xa0, 0xf5, 0x83, 0xc1, 0xe1, 0xfe, 0xd9, 0xc8, + 0xb7, 0x2d, 0x8c, 0xd0, 0x2d, 0xcf, 0x77, 0x87, 0x7d, 0xdf, 0x5e, 0xdd, 0x7e, 0x8c, 0xd0, 0xe5, + 0x2e, 0xc5, 0x1b, 0x68, 0xed, 0x64, 0x7c, 0x32, 0xb0, 0x57, 0x70, 0x1d, 0xa1, 0xe3, 0x33, 0xc8, + 0xe7, 0x8f, 0x3c, 0xdb, 0xda, 0x7e, 0x82, 0x9a, 0x5f, 0x54, 0x59, 0xd3, 0xfd, 0xc1, 0xcf, 0xbe, + 0xbd, 0xa2, 0x7f, 0x1d, 0x79, 0xe3, 0x13, 0xdb, 0x3a, 0x5a, 0xdb, 0x68, 0xd8, 0xf6, 0xd1, 0xda, + 0x06, 0xb6, 0x37, 0xb7, 0x25, 0xaa, 0x2e, 0x4e, 0x0b, 0x26, 0x68, 0xbd, 0xdc, 0x58, 0xe6, 0x3b, + 0x5e, 0x1e, 0xf1, 0x10, 0x55, 0x55, 0xac, 0xbf, 0x4c, 0xa6, 0xac, 0xf0, 0xdd, 0xae, 0xec, 0x3e, + 0xfe, 0x97, 0xde, 0xf0, 0x47, 0x5e, 0xd9, 0x04, 0x6e, 0x45, 0xc5, 0xb2, 0x3c, 0x3c, 0xef, 0xfe, + 0xf1, 0x71, 0xcb, 0xfa, 0xeb, 0xe3, 0x96, 0xf5, 0xf7, 0xc7, 0x2d, 0xeb, 0x97, 0xb6, 0x89, 0xc0, + 0x45, 0x2f, 0x48, 0x79, 0xef, 0xca, 0x1f, 0x95, 0xf3, 0x5b, 0xb0, 0x1f, 0xf6, 0xfe, 0x09, 0x00, + 0x00, 0xff, 0xff, 0x60, 0x2f, 0x70, 0x28, 0x11, 0x09, 0x00, 0x00, } diff --git a/mesh/v1alpha1/config.proto b/mesh/v1alpha1/config.proto index bf2e0c2b30..9148aebdf9 100644 --- a/mesh/v1alpha1/config.proto +++ b/mesh/v1alpha1/config.proto @@ -148,7 +148,8 @@ message MeshConfig { // $hide_from_docs string mixer_address = 16 [deprecated=true]; - + + // $hide_from_docs message OutboundTrafficPolicy { enum Mode { // outbound traffic will be restricted to services defined in the service registry as well as those defined @@ -156,7 +157,7 @@ message MeshConfig { REGISTRY_ONLY = 0 [deprecated=true]; // outbound traffic to unknown destinations will be allowed ALLOW_ANY = 1 [deprecated=true]; - // not implemented. outbound traffic will be restricted to destinations defined in VirtualServices only + // outbound traffic will be restricted to destinations defined in VirtualServices only VIRTUAL_SERVICE_ONLY = 2 [deprecated=true]; } Mode mode = 1 [deprecated=true]; @@ -202,17 +203,15 @@ message MeshConfig { // and pass to sds server, which will be used to request key/cert eventually. // If both enable_sds_token_mount and sds_use_k8s_sa_jwt are set to true, enable_sds_token_mount(trustworthy jwt) takes precedence. // This isn't supported for non-k8s case. - bool sds_use_k8s_sa_jwt = 30; + bool sds_use_k8s_sa_jwt = 29; // The trust domain corresponds to the trust root of a system. // Refer to https://github.com/spiffe/spiffe/blob/master/standards/SPIFFE-ID.md#21-trust-domain // Fallback to old identity format(without trust domain) if not set. string trust_domain = 26; - reserved 29; - // $hide_from_docs - // Next available field number: 31 + // Next available field number: 30 } // ConfigSource describes information about a configuration store inside a diff --git a/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html b/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html index 77ddc649ac..1688ddd022 100644 --- a/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html +++ b/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html @@ -4,7 +4,7 @@ generator: protoc-gen-docs aliases: - /docs/reference/config/service-mesh.html -number_of_entries: 16 +number_of_entries: 15 ---

AuthenticationPolicy

@@ -368,26 +368,6 @@

MeshConfig.IngressControllerMode

a secondary ingress controller (e.g., in addition to a cloud-provided ingress controller).

- - - - -
-

MeshConfig.OutboundTrafficPolicy

-
- - - - - - - - - - - - - @@ -421,7 +401,7 @@

MeshConfig.OutboundTrafficPolicy.

diff --git a/networking/v1alpha3/gateway.pb.go b/networking/v1alpha3/gateway.pb.go index 84c5a1fb72..4d827c0ea4 100644 --- a/networking/v1alpha3/gateway.pb.go +++ b/networking/v1alpha3/gateway.pb.go @@ -371,7 +371,7 @@ type Server struct { // configuration can be used to redirect traffic arriving at the bind // point on the sidecar to a port or unix domain socket where the // application workload is listening for connections. Format should be - // tcp://127.0.0.1:PORT or unix:///path/to/socket + // 127.0.0.1:PORT or unix:///path/to/socket DefaultEndpoint string `protobuf:"bytes,4,opt,name=default_endpoint,json=defaultEndpoint,proto3" json:"default_endpoint,omitempty"` } @@ -569,9 +569,6 @@ type WorkloadSelector struct { // label search is restricted to the configuration namespace in which the // workload is present. Labels map[string]string `protobuf:"bytes,1,rep,name=labels" json:"labels,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - // The IP address of the workload (as seen by Pilot) on which this - // gateway/sidecar configuration should be applied. - Ip string `protobuf:"bytes,2,opt,name=ip,proto3" json:"ip,omitempty"` } func (m *WorkloadSelector) Reset() { *m = WorkloadSelector{} } @@ -586,13 +583,6 @@ func (m *WorkloadSelector) GetLabels() map[string]string { return nil } -func (m *WorkloadSelector) GetIp() string { - if m != nil { - return m.Ip - } - return "" -} - func init() { proto.RegisterType((*Gateway)(nil), "istio.networking.v1alpha3.Gateway") proto.RegisterType((*Server)(nil), "istio.networking.v1alpha3.Server") @@ -888,12 +878,6 @@ func (m *WorkloadSelector) MarshalTo(dAtA []byte) (int, error) { i += copy(dAtA[i:], v) } } - if len(m.Ip) > 0 { - dAtA[i] = 0x12 - i++ - i = encodeVarintGateway(dAtA, i, uint64(len(m.Ip))) - i += copy(dAtA[i:], m.Ip) - } return i, nil } @@ -1032,10 +1016,6 @@ func (m *WorkloadSelector) Size() (n int) { n += mapEntrySize + 1 + sovGateway(uint64(mapEntrySize)) } } - l = len(m.Ip) - if l > 0 { - n += 1 + l + sovGateway(uint64(l)) - } return n } @@ -2062,35 +2042,6 @@ func (m *WorkloadSelector) Unmarshal(dAtA []byte) error { } m.Labels[mapkey] = mapvalue iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Ip", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGateway - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGateway - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Ip = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGateway(dAtA[iNdEx:]) @@ -2220,53 +2171,52 @@ var ( func init() { proto.RegisterFile("networking/v1alpha3/gateway.proto", fileDescriptorGateway) } var fileDescriptorGateway = []byte{ - // 755 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0xdd, 0x4e, 0xdb, 0x48, - 0x14, 0xc6, 0x4e, 0xc8, 0xcf, 0x31, 0x49, 0xcc, 0x08, 0xad, 0xbc, 0xb9, 0x80, 0x90, 0xd5, 0x6a, - 0xd9, 0x3f, 0x07, 0x92, 0x95, 0x96, 0x5d, 0xa4, 0x4a, 0xa1, 0x42, 0xa4, 0x6a, 0x20, 0x91, 0x9d, - 0xd0, 0xaa, 0x37, 0xd6, 0xc4, 0x1e, 0xc8, 0x80, 0x63, 0x5b, 0xf6, 0x24, 0x90, 0x97, 0x6a, 0xa5, - 0x5e, 0xf6, 0x09, 0x7a, 0xd9, 0x47, 0xa8, 0x78, 0x92, 0xca, 0xe3, 0xc9, 0x4f, 0x69, 0x4b, 0x15, - 0xf5, 0x6e, 0xce, 0x37, 0xe7, 0xfb, 0xce, 0x9c, 0x6f, 0x7c, 0xc6, 0xb0, 0xeb, 0x11, 0x76, 0xeb, - 0x87, 0x37, 0xd4, 0xbb, 0xaa, 0x4d, 0x0e, 0xb0, 0x1b, 0x0c, 0x71, 0xa3, 0x76, 0x85, 0x19, 0xb9, - 0xc5, 0x53, 0x3d, 0x08, 0x7d, 0xe6, 0xa3, 0x9f, 0x69, 0xc4, 0xa8, 0xaf, 0x2f, 0x12, 0xf5, 0x59, - 0x62, 0xf5, 0x8d, 0x0c, 0xd9, 0xd3, 0x24, 0x19, 0x1d, 0x41, 0x36, 0x22, 0xe1, 0x84, 0x84, 0x91, - 0x26, 0x55, 0x52, 0x7b, 0x4a, 0x7d, 0x57, 0xff, 0x26, 0x51, 0x37, 0x79, 0xa6, 0x31, 0x63, 0xa0, - 0x2e, 0xe4, 0x22, 0xe2, 0x12, 0x9b, 0xf9, 0xa1, 0x26, 0x73, 0xf6, 0xfe, 0x23, 0x6c, 0x51, 0x52, - 0x37, 0x05, 0xe5, 0xc4, 0x63, 0xe1, 0xf4, 0x58, 0xd6, 0x24, 0x63, 0xae, 0x82, 0x5e, 0xc2, 0x66, - 0xcc, 0x73, 0x7d, 0xec, 0x58, 0x73, 0xe9, 0x54, 0x45, 0xda, 0x53, 0xea, 0x7f, 0x3e, 0x22, 0xfd, - 0x42, 0x70, 0x66, 0xd2, 0x86, 0x7a, 0xfb, 0x00, 0x29, 0x1f, 0x41, 0xe1, 0xb3, 0xc2, 0x48, 0x85, - 0xd4, 0x0d, 0x99, 0x6a, 0x52, 0x45, 0xda, 0xcb, 0x1b, 0xf1, 0x12, 0x6d, 0xc1, 0xfa, 0x04, 0xbb, - 0x63, 0xa2, 0xc9, 0x1c, 0x4b, 0x82, 0xff, 0xe5, 0x43, 0xa9, 0xfa, 0x36, 0x0b, 0x99, 0xa4, 0x79, - 0xd4, 0x80, 0x74, 0xe0, 0x87, 0x8c, 0xf3, 0x94, 0xfa, 0xce, 0x23, 0x87, 0xea, 0xfa, 0x21, 0x33, - 0x78, 0x72, 0xac, 0x3c, 0xf4, 0x23, 0x16, 0x71, 0x97, 0xf2, 0x46, 0x12, 0xa0, 0x27, 0x90, 0x62, - 0x6e, 0x24, 0xda, 0xfb, 0xeb, 0xbb, 0xbe, 0xeb, 0xbd, 0xb6, 0xd9, 0x09, 0x18, 0xf5, 0xbd, 0xc8, - 0x88, 0x89, 0xe8, 0x77, 0x50, 0x1d, 0x72, 0x89, 0xc7, 0x2e, 0xb3, 0x88, 0xe7, 0x04, 0x3e, 0xf5, - 0x98, 0x96, 0xe6, 0x47, 0x2f, 0x09, 0xfc, 0x44, 0xc0, 0x68, 0x17, 0x36, 0x06, 0xd4, 0x73, 0x2c, - 0xec, 0x38, 0x21, 0x89, 0x22, 0x6d, 0x9d, 0xa7, 0x29, 0x31, 0xd6, 0x4c, 0x20, 0x84, 0x20, 0xed, - 0xe1, 0x11, 0xd1, 0x32, 0x7c, 0x8b, 0xaf, 0xcb, 0xef, 0xd6, 0x01, 0x16, 0x55, 0xd1, 0xaf, 0x50, - 0x1c, 0x32, 0x16, 0x44, 0x56, 0x48, 0x1c, 0x1a, 0x12, 0x3b, 0x71, 0x21, 0x67, 0x14, 0x38, 0x6a, - 0x08, 0x10, 0xb5, 0x20, 0x3d, 0xf2, 0x9d, 0xc4, 0xc6, 0x62, 0xfd, 0x9f, 0x55, 0x1a, 0x8b, 0x97, - 0x31, 0xd7, 0xe0, 0x0a, 0xe8, 0x6f, 0x40, 0xc9, 0xb7, 0x66, 0xd9, 0x24, 0x64, 0xf4, 0x92, 0xda, - 0x98, 0x11, 0x6e, 0x58, 0xde, 0xd8, 0x4c, 0x76, 0x9e, 0x2e, 0x36, 0xd0, 0x0e, 0x28, 0x41, 0x48, - 0x27, 0x98, 0x11, 0x2b, 0xbe, 0xda, 0xc4, 0x0b, 0x10, 0xd0, 0x73, 0x32, 0x45, 0xbf, 0x41, 0xc9, - 0xc6, 0xcb, 0x5a, 0x33, 0x27, 0x8a, 0x36, 0x5e, 0x12, 0x8a, 0xd0, 0x1f, 0xb0, 0x19, 0x8d, 0x07, - 0xd7, 0xc4, 0x66, 0x16, 0x76, 0x99, 0x15, 0x9b, 0x11, 0x69, 0x19, 0x7e, 0x79, 0x25, 0xb1, 0xd1, - 0x74, 0xd9, 0x79, 0x0c, 0xa3, 0x6b, 0xd8, 0x1a, 0x51, 0xcf, 0xe2, 0x63, 0x67, 0xfb, 0xae, 0x15, - 0x8f, 0x06, 0xf5, 0x3d, 0x2d, 0xcb, 0xdb, 0x3f, 0x5c, 0xb5, 0xfd, 0xae, 0xd0, 0x31, 0xd0, 0x88, - 0x7a, 0xb3, 0xe0, 0x22, 0xd1, 0xe4, 0xb5, 0xf0, 0xdd, 0x97, 0xb5, 0x72, 0x3f, 0x5c, 0x0b, 0xdf, - 0x3d, 0xac, 0xf5, 0x0b, 0x14, 0x6c, 0x1a, 0x0c, 0x49, 0x68, 0x45, 0x63, 0x1a, 0x5b, 0x95, 0xe7, - 0xfd, 0x6f, 0x24, 0xa0, 0xc9, 0xb1, 0x6a, 0x0b, 0xb2, 0xe2, 0xca, 0x50, 0x09, 0x94, 0x6e, 0xd3, - 0x34, 0x7b, 0x2d, 0xa3, 0xd3, 0x3f, 0x6d, 0xa9, 0x6b, 0x08, 0x20, 0x63, 0x3e, 0x3b, 0xeb, 0xb6, - 0x4f, 0x54, 0x29, 0x5e, 0x9f, 0xf5, 0x7b, 0xfd, 0x66, 0x5b, 0x95, 0xd1, 0x16, 0xa8, 0xcd, 0x7e, - 0xaf, 0x63, 0x2d, 0x67, 0xa7, 0xaa, 0x1d, 0x50, 0x96, 0x4e, 0x84, 0x36, 0x20, 0xd7, 0x6b, 0x9b, - 0x56, 0x9c, 0xa8, 0xae, 0x21, 0x85, 0x97, 0xb9, 0x38, 0xb0, 0xf6, 0x55, 0x69, 0x11, 0x1c, 0xa8, - 0xf2, 0x22, 0xa8, 0xab, 0xa9, 0x45, 0xd0, 0x50, 0xd3, 0xd5, 0x73, 0x48, 0xc7, 0x23, 0x88, 0x7e, - 0x82, 0x8c, 0x37, 0x1e, 0x0d, 0x48, 0xc8, 0xbf, 0xd6, 0x82, 0x21, 0x22, 0x54, 0x86, 0xdc, 0xcc, - 0x47, 0x31, 0xf1, 0xf3, 0x78, 0x3e, 0x0c, 0xa9, 0xc5, 0x30, 0x54, 0x5f, 0x4b, 0xa0, 0x3e, 0x7c, - 0x68, 0x50, 0x07, 0x32, 0x2e, 0x1e, 0x10, 0x77, 0xf6, 0x7c, 0xfe, 0xbb, 0xc2, 0x2b, 0xa5, 0xb7, - 0x39, 0x93, 0x3f, 0x47, 0x86, 0x90, 0x41, 0x45, 0x90, 0x69, 0x20, 0xce, 0x23, 0xd3, 0xa0, 0xfc, - 0x1f, 0x28, 0x4b, 0x69, 0xab, 0xbc, 0x5a, 0xc7, 0xfa, 0xfb, 0xfb, 0x6d, 0xe9, 0xc3, 0xfd, 0xb6, - 0xf4, 0xf1, 0x7e, 0x5b, 0x7a, 0x55, 0x49, 0x0e, 0x46, 0xfd, 0x1a, 0x0e, 0x68, 0xed, 0x2b, 0x3f, - 0x90, 0x41, 0x86, 0xb7, 0xdf, 0xf8, 0x14, 0x00, 0x00, 0xff, 0xff, 0xca, 0x32, 0xf5, 0x33, 0x5e, - 0x06, 0x00, 0x00, + // 746 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0xdd, 0x6e, 0xd3, 0x4c, + 0x10, 0xad, 0x93, 0x34, 0x3f, 0xe3, 0xa6, 0x71, 0x57, 0xd5, 0x27, 0x7f, 0xb9, 0x68, 0xd3, 0x20, + 0x44, 0xf9, 0x73, 0xda, 0x04, 0x89, 0x42, 0x25, 0xa4, 0x14, 0x55, 0x0d, 0x22, 0x6d, 0x22, 0x3b, + 0x29, 0x88, 0x1b, 0x6b, 0x63, 0x6f, 0x9b, 0x6d, 0x1d, 0xdb, 0xb2, 0x37, 0x69, 0xf3, 0x32, 0xbc, + 0x02, 0x12, 0x97, 0x3c, 0x01, 0x97, 0x3c, 0x02, 0xea, 0x93, 0xa0, 0x5d, 0x3b, 0x3f, 0x14, 0x28, + 0x8a, 0xb8, 0xdb, 0x39, 0x3b, 0xe7, 0xcc, 0xce, 0x59, 0xcf, 0x1a, 0xb6, 0x5c, 0xc2, 0xae, 0xbc, + 0xe0, 0x92, 0xba, 0xe7, 0x95, 0xd1, 0x2e, 0x76, 0xfc, 0x3e, 0xae, 0x55, 0xce, 0x31, 0x23, 0x57, + 0x78, 0xac, 0xf9, 0x81, 0xc7, 0x3c, 0xf4, 0x3f, 0x0d, 0x19, 0xf5, 0xb4, 0x59, 0xa2, 0x36, 0x49, + 0x2c, 0x7f, 0x4a, 0x40, 0xe6, 0x28, 0x4a, 0x46, 0xfb, 0x90, 0x09, 0x49, 0x30, 0x22, 0x41, 0xa8, + 0x4a, 0xa5, 0xe4, 0xb6, 0x5c, 0xdd, 0xd2, 0xfe, 0x48, 0xd4, 0x0c, 0x91, 0xa9, 0x4f, 0x18, 0xa8, + 0x0d, 0xd9, 0x90, 0x38, 0xc4, 0x62, 0x5e, 0xa0, 0x26, 0x04, 0x7b, 0xe7, 0x0e, 0x76, 0x5c, 0x52, + 0x33, 0x62, 0xca, 0xa1, 0xcb, 0x82, 0xf1, 0x41, 0x42, 0x95, 0xf4, 0xa9, 0x0a, 0x7a, 0x0f, 0x6b, + 0x9c, 0xe7, 0x78, 0xd8, 0x36, 0xa7, 0xd2, 0xc9, 0x92, 0xb4, 0x2d, 0x57, 0x1f, 0xdf, 0x21, 0xfd, + 0x2e, 0xe6, 0x4c, 0xa4, 0x75, 0xe5, 0xea, 0x16, 0x52, 0xdc, 0x87, 0xfc, 0x4f, 0x85, 0x91, 0x02, + 0xc9, 0x4b, 0x32, 0x56, 0xa5, 0x92, 0xb4, 0x9d, 0xd3, 0xf9, 0x12, 0xad, 0xc3, 0xf2, 0x08, 0x3b, + 0x43, 0xa2, 0x26, 0x04, 0x16, 0x05, 0x2f, 0x13, 0x7b, 0x52, 0xf9, 0x73, 0x06, 0xd2, 0x51, 0xf3, + 0xa8, 0x06, 0x29, 0xdf, 0x0b, 0x98, 0xe0, 0xc9, 0xd5, 0xcd, 0x3b, 0x0e, 0xd5, 0xf6, 0x02, 0xa6, + 0x8b, 0x64, 0xae, 0xdc, 0xf7, 0x42, 0x16, 0x0a, 0x97, 0x72, 0x7a, 0x14, 0xa0, 0x57, 0x90, 0x64, + 0x4e, 0x18, 0xb7, 0xf7, 0xe4, 0xaf, 0xbe, 0x6b, 0x9d, 0xa6, 0xd1, 0xf2, 0x19, 0xf5, 0xdc, 0x50, + 0xe7, 0x44, 0xf4, 0x10, 0x14, 0x9b, 0x9c, 0xe1, 0xa1, 0xc3, 0x4c, 0xe2, 0xda, 0xbe, 0x47, 0x5d, + 0xa6, 0xa6, 0xc4, 0xd1, 0x0b, 0x31, 0x7e, 0x18, 0xc3, 0x68, 0x0b, 0x56, 0x7a, 0xd4, 0xb5, 0x4d, + 0x6c, 0xdb, 0x01, 0x09, 0x43, 0x75, 0x59, 0xa4, 0xc9, 0x1c, 0xab, 0x47, 0x10, 0x42, 0x90, 0x72, + 0xf1, 0x80, 0xa8, 0x69, 0xb1, 0x25, 0xd6, 0xc5, 0x2f, 0xcb, 0x00, 0xb3, 0xaa, 0xe8, 0x3e, 0xac, + 0xf6, 0x19, 0xf3, 0x43, 0x33, 0x20, 0x36, 0x0d, 0x88, 0x15, 0xb9, 0x90, 0xd5, 0xf3, 0x02, 0xd5, + 0x63, 0x10, 0x35, 0x20, 0x35, 0xf0, 0xec, 0xc8, 0xc6, 0xd5, 0xea, 0xb3, 0x45, 0x1a, 0xe3, 0x4b, + 0xce, 0xd5, 0x85, 0x02, 0x7a, 0x0a, 0x28, 0xfa, 0xd6, 0x4c, 0x8b, 0x04, 0x8c, 0x9e, 0x51, 0x0b, + 0x33, 0x22, 0x0c, 0xcb, 0xe9, 0x6b, 0xd1, 0xce, 0xeb, 0xd9, 0x06, 0xda, 0x04, 0xd9, 0x0f, 0xe8, + 0x08, 0x33, 0x62, 0xf2, 0xab, 0x8d, 0xbc, 0x80, 0x18, 0x7a, 0x4b, 0xc6, 0xe8, 0x01, 0x14, 0x2c, + 0x3c, 0xaf, 0x35, 0x71, 0x62, 0xd5, 0xc2, 0x73, 0x42, 0x21, 0x7a, 0x04, 0x6b, 0xe1, 0xb0, 0x77, + 0x41, 0x2c, 0x66, 0x62, 0x87, 0x99, 0xdc, 0x8c, 0x50, 0x4d, 0x8b, 0xcb, 0x2b, 0xc4, 0x1b, 0x75, + 0x87, 0x9d, 0x70, 0x18, 0x5d, 0xc0, 0xfa, 0x80, 0xba, 0xa6, 0x18, 0x3b, 0xcb, 0x73, 0x4c, 0x3e, + 0x1a, 0xd4, 0x73, 0xd5, 0x8c, 0x68, 0x7f, 0x6f, 0xd1, 0xf6, 0xdb, 0xb1, 0x8e, 0x8e, 0x06, 0xd4, + 0x9d, 0x04, 0xa7, 0x91, 0xa6, 0xa8, 0x85, 0xaf, 0x7f, 0xad, 0x95, 0xfd, 0xe7, 0x5a, 0xf8, 0xfa, + 0x76, 0xad, 0x7b, 0x90, 0xb7, 0xa8, 0xdf, 0x27, 0x81, 0x19, 0x0e, 0x29, 0xb7, 0x2a, 0x27, 0xfa, + 0x5f, 0x89, 0x40, 0x43, 0x60, 0xe5, 0x06, 0x64, 0xe2, 0x2b, 0x43, 0x05, 0x90, 0xdb, 0x75, 0xc3, + 0xe8, 0x34, 0xf4, 0x56, 0xf7, 0xa8, 0xa1, 0x2c, 0x21, 0x80, 0xb4, 0xf1, 0xe6, 0xb8, 0xdd, 0x3c, + 0x54, 0x24, 0xbe, 0x3e, 0xee, 0x76, 0xba, 0xf5, 0xa6, 0x92, 0x40, 0xeb, 0xa0, 0xd4, 0xbb, 0x9d, + 0x96, 0x39, 0x9f, 0x9d, 0x2c, 0xb7, 0x40, 0x9e, 0x3b, 0x11, 0x5a, 0x81, 0x6c, 0xa7, 0x69, 0x98, + 0x3c, 0x51, 0x59, 0x42, 0xb2, 0x28, 0x73, 0xba, 0x6b, 0xee, 0x28, 0xd2, 0x2c, 0xd8, 0x55, 0x12, + 0xb3, 0xa0, 0xaa, 0x24, 0x67, 0x41, 0x4d, 0x49, 0x95, 0x4f, 0x20, 0xc5, 0x47, 0x10, 0xfd, 0x07, + 0x69, 0x77, 0x38, 0xe8, 0x91, 0x40, 0x7c, 0xad, 0x79, 0x3d, 0x8e, 0x50, 0x11, 0xb2, 0x13, 0x1f, + 0xe3, 0x89, 0x9f, 0xc6, 0xd3, 0x61, 0x48, 0xce, 0x86, 0xa1, 0xfc, 0x51, 0x02, 0xe5, 0xf6, 0x43, + 0x83, 0x5a, 0x90, 0x76, 0x70, 0x8f, 0x38, 0x93, 0xe7, 0xf3, 0xf9, 0x02, 0xaf, 0x94, 0xd6, 0x14, + 0x4c, 0xf1, 0x1c, 0xe9, 0xb1, 0x4c, 0xf1, 0x05, 0xc8, 0x73, 0xf0, 0x22, 0xaf, 0xd4, 0x81, 0xf6, + 0xf5, 0x66, 0x43, 0xfa, 0x76, 0xb3, 0x21, 0x7d, 0xbf, 0xd9, 0x90, 0x3e, 0x94, 0xa2, 0x83, 0x50, + 0xaf, 0x82, 0x7d, 0x5a, 0xf9, 0xcd, 0x0f, 0xa3, 0x97, 0x16, 0xed, 0xd6, 0x7e, 0x04, 0x00, 0x00, + 0xff, 0xff, 0xb6, 0x53, 0x7e, 0xba, 0x4e, 0x06, 0x00, 0x00, } diff --git a/networking/v1alpha3/gateway.proto b/networking/v1alpha3/gateway.proto index fbe1b4dcf3..1f70f18bc9 100644 --- a/networking/v1alpha3/gateway.proto +++ b/networking/v1alpha3/gateway.proto @@ -355,7 +355,7 @@ message Server { // configuration can be used to redirect traffic arriving at the bind // point on the sidecar to a port or unix domain socket where the // application workload is listening for connections. Format should be - // tcp://127.0.0.1:PORT or unix:///path/to/socket + // 127.0.0.1:PORT or unix:///path/to/socket string default_endpoint = 4; } @@ -385,10 +385,7 @@ message WorkloadSelector { // workload is present. map labels = 1; - // The IP address of the workload (as seen by Pilot) on which this - // gateway/sidecar configuration should be applied. - string ip = 2; - + // $hide_from_docs // [#not-implemented-hide:] // other forms of identification such as X509 fields, tenant IDs, JWT, // etc. will be added in future. diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index 14cf58ccde..59954b30bf 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -2166,34 +2166,37 @@

IstioListener

 - - - + + + - - - + + + @@ -2201,10 +2204,9 @@

IstioListener

@@ -2212,7 +2214,7 @@

IstioListener

@@ -2887,7 +2889,7 @@

Server

configuration can be used to redirect traffic arriving at the bind point on the sidecar to a port or unix domain socket where the application workload is listening for connections. Format should be -tcp://127.0.0.1:PORT or unix:///path/to/socket

+127.0.0.1:PORT or unix:///path/to/socket

@@ -3649,10 +3651,11 @@

Sidecar

Services and configuration in a mesh are organized into one or more namespaces (e.g., a Kubernetes namespace or a CF org/space). A Sidecar -resource in a namespace will apply to all workloads in the namespace. -Currently, each namespace should have only one Sidecar resource named -“default”. The behavior of the system is undefined if more than one -Sidecar resource exists in a given namespace.

+resource in a namespace will apply to all workloads in the namespace in +the absence of a workload selector. Currently, each namespace should +have only one Sidecar resource without any workload selector. The +behavior of the system is undefined if more than one Sidecar resource +exists in a given namespace.

The example below delcares a Sidecar resource in the prod-us1 namespace that configures the sidecar to proxy egress traffic for services in the @@ -3673,7 +3676,7 @@

Sidecar

The example below delcares a Sidecar resource in the prod-us1 namespace -that accepts inbound HTTP traffic on port 10.10.10.10:9080 and forwards +that accepts inbound HTTP traffic on port 9080 and forwards it to the attached workload listening on a unix domain socket. In the egress direction, in addition to the istio-system namespace, the sidecar proxies only HTTP traffic bound for port 9080 for services in the @@ -3686,14 +3689,18 @@

Sidecar

namespace: prod-us1 spec: ingress: - - bind: tcp://10.10.10.10:9080 - protocol: HTTP + - port: + number: 9080 + protocol: HTTP + name: somename defaultEndpoint: unix:///var/run/someuds.sock egress: - hosts: - "istio-system/*" - - bind: tcp://0.0.0.0:9080 - protocol: HTTP + - port: + number: 9080 + protocol: HTTP + name: egresshttp hosts: - "prod-us1/*" @@ -3707,17 +3714,6 @@

Sidecar

- - - - - @@ -4534,15 +4530,6 @@

WorkloadSelector

label search is restricted to the configuration namespace in which the workload is present.

- - - - - - diff --git a/networking/v1alpha3/sidecar.pb.go b/networking/v1alpha3/sidecar.pb.go index 8f3eb44bf5..c220974e88 100644 --- a/networking/v1alpha3/sidecar.pb.go +++ b/networking/v1alpha3/sidecar.pb.go @@ -56,10 +56,11 @@ func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidec // // Services and configuration in a mesh are organized into one or more // namespaces (e.g., a Kubernetes namespace or a CF org/space). A Sidecar -// resource in a namespace will apply to all workloads in the namespace. -// *_Currently, each namespace should have only one Sidecar resource named -// "default"_*. The behavior of the system is undefined if more than one -// Sidecar resource exists in a given namespace. +// resource in a namespace will apply to all workloads in the namespace in +// the absence of a workload selector. *_Currently, each namespace should +// have only one Sidecar resource without any workload selector_*. The +// behavior of the system is undefined if more than one Sidecar resource +// exists in a given namespace. // // The example below delcares a Sidecar resource in the prod-us1 namespace // that configures the sidecar to proxy egress traffic for services in the @@ -81,7 +82,7 @@ func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidec // ``` // // The example below delcares a Sidecar resource in the prod-us1 namespace -// that accepts inbound HTTP traffic on port 10.10.10.10:9080 and forwards +// that accepts inbound HTTP traffic on port 9080 and forwards // it to the attached workload listening on a unix domain socket. In the // egress direction, in addition to the istio-system namespace, the sidecar // proxies only HTTP traffic bound for port 9080 for services in the @@ -95,19 +96,24 @@ func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidec // namespace: prod-us1 // spec: // ingress: -// - bind: tcp://10.10.10.10:9080 -// protocol: HTTP +// - port: +// number: 9080 +// protocol: HTTP +// name: somename // defaultEndpoint: unix:///var/run/someuds.sock // egress: // - hosts: // - "istio-system/*" -// - bind: tcp://0.0.0.0:9080 -// protocol: HTTP +// - port: +// number: 9080 +// protocol: HTTP +// name: egresshttp // hosts: // - "prod-us1/*" // ``` // type Sidecar struct { + // $hide_from_docs // Criteria used to select the specific set of pods/VMs on which this // sidecar configuration should be applied. If omitted, the sidecar // configuration will be applied to all workloads in the current config @@ -155,13 +161,27 @@ func (m *Sidecar) GetEgress() []*IstioListener { // IstioListener specifies the properties of a single listener on the // sidecar proxy attached to a workload. type IstioListener struct { - // An arbitrary name associated with the listener used for emitting metrics. + // An optional arbitrary name associated with the listener used for + // emitting metrics. Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - // The ip:port or the unix domain socket to which the listener should be - // bound to. Format: tcp://x.x.x.x:yyyy or unix:///path/to/uds or - // unix://@foobar (Linux abstract namespace). To bind to any IP with - // specific port, use tcp://0.0.0.0: - BindAddress string `protobuf:"bytes,2,opt,name=bind_address,json=bindAddress,proto3" json:"bind_address,omitempty"` + // REQUIRED for ingress. The port associated with the listener. If using + // unix domain socket, use 0 as the port number, with a valid + // protocol. In the egress path, the port if specified, will be used as + // the default destination port associated with the imported hosts. If + // the port is omitted, Istio will infer the listener ports based on the + // imported hosts. Note that when multiple egress listeners are + // specified, where one or more listeners have specific ports while + // others have no port, the hosts exposed on a listener port will be + // based on the listener with the most specific port. + Port *Port `protobuf:"bytes,2,opt,name=port" json:"port,omitempty"` + // The ip or the unix domain socket to which the listener should be bound + // to. Port MUST be specified if bindAddress is not empty. Format: + // x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux abstract + // namespace). If omitted, Istio will autoconfigure the defaults based on + // imported services and the workload to which this configuration is + // applied to. + BindAddress string `protobuf:"bytes,3,opt,name=bind_address,json=bindAddress,proto3" json:"bind_address,omitempty"` + // $hide_from_docs // When the bind address is an IP:port, the bindToPort option dictates // whether or not the sidecar should bind its listener socket to the // specified port. Set bindToPort to false (default) if application @@ -171,13 +191,12 @@ type IstioListener struct { // iptables for traffic capture, set bindToPort to true to force the // sidecar to bind to the specified port. Note that the binding might // fail if the application workload is already bound to the same port. - BindToPort bool `protobuf:"varint,3,opt,name=bind_to_port,json=bindToPort,proto3" json:"bind_to_port,omitempty"` - // The protocol associated with this listener. - // MUST BE one of HTTP|TCP|TLS|MONGO. - // TLS implies the connection will be routed based on the SNI header. - // HTTP implies HTTP 1.1/HTTP 2/gRPC - Protocol string `protobuf:"bytes,4,opt,name=protocol,proto3" json:"protocol,omitempty"` - // One or more hosts (HTTP or SNI) exposed by the listener in + BindToPort bool `protobuf:"varint,4,opt,name=bind_to_port,json=bindToPort,proto3" json:"bind_to_port,omitempty"` + // Specifies the protocol associated with this listener. Recognized + // values are HTTP|TCP|MONGO|MYSQL. Any other value will be treated as + // equivalent to TCP. + Protocol string `protobuf:"bytes,5,opt,name=protocol,proto3" json:"protocol,omitempty"` + // One or more services/virtualServices exposed by the listener in // namespace/dnsName format. _*Hosts will be ignored for ingress // servers*_. For egress servers, the hosts field results in importing // one or more publicly scoped services and VirtualServices from remote @@ -197,14 +216,14 @@ type IstioListener struct { // namespace can be imported. Private services/configuration will not be // imported. Refer to the scope setting associated with VirtualService, // DestinationRule, ServiceEntry, etc. for details. - Hosts []string `protobuf:"bytes,5,rep,name=hosts" json:"hosts,omitempty"` + Hosts []string `protobuf:"bytes,6,rep,name=hosts" json:"hosts,omitempty"` // The IP endpoint or unix domain socket to which traffic should be // forwarded to by default. In the context of an ingress server, this // configuration can be used to redirect traffic arriving at the bind // point on the sidecar to a port or unix domain socket where the // application workload is listening for connections. Format should be - // tcp://127.0.0.1:PORT or unix:///path/to/socket - DefaultEndpoint string `protobuf:"bytes,6,opt,name=default_endpoint,json=defaultEndpoint,proto3" json:"default_endpoint,omitempty"` + // 127.0.0.1:PORT or unix:///path/to/socket + DefaultEndpoint string `protobuf:"bytes,7,opt,name=default_endpoint,json=defaultEndpoint,proto3" json:"default_endpoint,omitempty"` } func (m *IstioListener) Reset() { *m = IstioListener{} } @@ -219,6 +238,13 @@ func (m *IstioListener) GetName() string { return "" } +func (m *IstioListener) GetPort() *Port { + if m != nil { + return m.Port + } + return nil +} + func (m *IstioListener) GetBindAddress() string { if m != nil { return m.BindAddress @@ -332,14 +358,24 @@ func (m *IstioListener) MarshalTo(dAtA []byte) (int, error) { i = encodeVarintSidecar(dAtA, i, uint64(len(m.Name))) i += copy(dAtA[i:], m.Name) } - if len(m.BindAddress) > 0 { + if m.Port != nil { dAtA[i] = 0x12 i++ + i = encodeVarintSidecar(dAtA, i, uint64(m.Port.Size())) + n2, err := m.Port.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n2 + } + if len(m.BindAddress) > 0 { + dAtA[i] = 0x1a + i++ i = encodeVarintSidecar(dAtA, i, uint64(len(m.BindAddress))) i += copy(dAtA[i:], m.BindAddress) } if m.BindToPort { - dAtA[i] = 0x18 + dAtA[i] = 0x20 i++ if m.BindToPort { dAtA[i] = 1 @@ -349,14 +385,14 @@ func (m *IstioListener) MarshalTo(dAtA []byte) (int, error) { i++ } if len(m.Protocol) > 0 { - dAtA[i] = 0x22 + dAtA[i] = 0x2a i++ i = encodeVarintSidecar(dAtA, i, uint64(len(m.Protocol))) i += copy(dAtA[i:], m.Protocol) } if len(m.Hosts) > 0 { for _, s := range m.Hosts { - dAtA[i] = 0x2a + dAtA[i] = 0x32 i++ l = len(s) for l >= 1<<7 { @@ -370,7 +406,7 @@ func (m *IstioListener) MarshalTo(dAtA []byte) (int, error) { } } if len(m.DefaultEndpoint) > 0 { - dAtA[i] = 0x32 + dAtA[i] = 0x3a i++ i = encodeVarintSidecar(dAtA, i, uint64(len(m.DefaultEndpoint))) i += copy(dAtA[i:], m.DefaultEndpoint) @@ -416,6 +452,10 @@ func (m *IstioListener) Size() (n int) { if l > 0 { n += 1 + l + sovSidecar(uint64(l)) } + if m.Port != nil { + l = m.Port.Size() + n += 1 + l + sovSidecar(uint64(l)) + } l = len(m.BindAddress) if l > 0 { n += 1 + l + sovSidecar(uint64(l)) @@ -657,6 +697,39 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { m.Name = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowSidecar + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthSidecar + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Port == nil { + m.Port = &Port{} + } + if err := m.Port.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field BindAddress", wireType) } @@ -685,7 +758,7 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { } m.BindAddress = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 3: + case 4: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field BindToPort", wireType) } @@ -705,7 +778,7 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { } } m.BindToPort = bool(v != 0) - case 4: + case 5: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field Protocol", wireType) } @@ -734,7 +807,7 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { } m.Protocol = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 5: + case 6: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field Hosts", wireType) } @@ -763,7 +836,7 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { } m.Hosts = append(m.Hosts, string(dAtA[iNdEx:postIndex])) iNdEx = postIndex - case 6: + case 7: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field DefaultEndpoint", wireType) } @@ -921,29 +994,30 @@ var ( func init() { proto.RegisterFile("networking/v1alpha3/sidecar.proto", fileDescriptorSidecar) } var fileDescriptorSidecar = []byte{ - // 375 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x92, 0xcd, 0xee, 0xd2, 0x40, - 0x14, 0xc5, 0x1d, 0xfb, 0xa7, 0xc0, 0xad, 0xc6, 0x3a, 0x71, 0x51, 0x59, 0x90, 0xc2, 0xc2, 0x54, - 0x4d, 0xda, 0x08, 0x2f, 0x20, 0x10, 0x16, 0x24, 0x2c, 0x48, 0xc1, 0x8f, 0xb8, 0x69, 0x86, 0x76, - 0x28, 0x13, 0xeb, 0xdc, 0x66, 0x66, 0x94, 0xf8, 0x80, 0x26, 0x2e, 0x7d, 0x04, 0xc3, 0xce, 0xb7, - 0x30, 0xfd, 0x40, 0xa3, 0x41, 0x93, 0xff, 0x6e, 0xee, 0xb9, 0xe7, 0x77, 0xe6, 0xce, 0xcd, 0xc0, - 0x48, 0x72, 0x73, 0x42, 0xf5, 0x5e, 0xc8, 0x3c, 0xfa, 0xf4, 0x82, 0x15, 0xe5, 0x91, 0x4d, 0x23, - 0x2d, 0x32, 0x9e, 0x32, 0x15, 0x96, 0x0a, 0x0d, 0xd2, 0xc7, 0x42, 0x1b, 0x81, 0xe1, 0x6f, 0x63, - 0x78, 0x31, 0x0e, 0xae, 0xd2, 0x39, 0x33, 0xfc, 0xc4, 0x3e, 0x37, 0xf4, 0xf8, 0x07, 0x81, 0xee, - 0xb6, 0xc9, 0xa3, 0x6f, 0xe1, 0x61, 0xe5, 0x2e, 0x90, 0x65, 0x89, 0xe6, 0x05, 0x4f, 0x0d, 0x2a, - 0x8f, 0xf8, 0x24, 0x70, 0x26, 0xcf, 0xc3, 0x7f, 0xde, 0x12, 0xbe, 0x69, 0x99, 0x6d, 0x8b, 0xc4, - 0xee, 0xe9, 0x2f, 0x85, 0xce, 0xa1, 0x2b, 0x64, 0xae, 0xb8, 0xd6, 0xde, 0x5d, 0xdf, 0x0a, 0x9c, - 0x49, 0xf0, 0x9f, 0xbc, 0x55, 0xd5, 0x59, 0x0b, 0x6d, 0xb8, 0xe4, 0x2a, 0xbe, 0x80, 0xf4, 0x25, - 0xd8, 0xbc, 0x89, 0xb0, 0x6e, 0x19, 0xd1, 0x72, 0xe3, 0x2f, 0x04, 0xee, 0xff, 0xd1, 0xa1, 0x14, - 0x6e, 0x24, 0xfb, 0xc0, 0xeb, 0x47, 0xf6, 0xe3, 0xfa, 0x4c, 0x47, 0x70, 0x6f, 0x2f, 0x64, 0x96, - 0xb0, 0x2c, 0x6b, 0x07, 0xae, 0x7a, 0x4e, 0xa5, 0xcd, 0x1a, 0x89, 0xfa, 0xad, 0xc5, 0x60, 0x52, - 0xa2, 0x32, 0x9e, 0xe5, 0x93, 0xa0, 0x17, 0x43, 0xa5, 0xed, 0x70, 0x83, 0xca, 0xd0, 0x01, 0xf4, - 0xea, 0xfd, 0xa6, 0x58, 0x78, 0x37, 0x75, 0xc0, 0xaf, 0x9a, 0x3e, 0x82, 0xce, 0x11, 0xb5, 0xd1, - 0x5e, 0xc7, 0xb7, 0x82, 0x7e, 0xdc, 0x14, 0xf4, 0x29, 0xb8, 0x19, 0x3f, 0xb0, 0x8f, 0x85, 0x49, - 0xb8, 0xcc, 0x4a, 0x14, 0xd2, 0x78, 0x76, 0x4d, 0x3e, 0x68, 0xf5, 0x65, 0x2b, 0x3f, 0x7b, 0x02, - 0xce, 0x02, 0xe5, 0x41, 0xe4, 0xdb, 0x14, 0x4b, 0x4e, 0x01, 0xec, 0xcd, 0xab, 0xf9, 0x7a, 0xb5, - 0x70, 0xef, 0x50, 0x07, 0xba, 0x9b, 0x78, 0xf5, 0x7a, 0xb6, 0x5b, 0xba, 0x64, 0x1e, 0x7e, 0x3d, - 0x0f, 0xc9, 0xb7, 0xf3, 0x90, 0x7c, 0x3f, 0x0f, 0xc9, 0x3b, 0xbf, 0x59, 0x97, 0xc0, 0x88, 0x95, - 0x22, 0xba, 0xf2, 0x33, 0xf6, 0x76, 0x3d, 0xe2, 0xf4, 0x67, 0x00, 0x00, 0x00, 0xff, 0xff, 0xe4, - 0xba, 0xfd, 0xef, 0x75, 0x02, 0x00, 0x00, + // 392 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x92, 0xcf, 0x8e, 0xd3, 0x30, + 0x10, 0xc6, 0xf1, 0xb6, 0x9b, 0xec, 0x4e, 0x40, 0x04, 0x8b, 0x43, 0xd8, 0x43, 0xc9, 0xee, 0x01, + 0x05, 0x90, 0x12, 0xb1, 0x7d, 0x01, 0xda, 0xaa, 0x87, 0x4a, 0x3d, 0x54, 0x69, 0xf9, 0x23, 0x2e, + 0x91, 0x9b, 0xb8, 0xa9, 0x45, 0xf0, 0x44, 0xb6, 0xa1, 0xe2, 0x0d, 0x39, 0xf2, 0x08, 0xa8, 0x37, + 0x5e, 0x81, 0x13, 0x8a, 0x93, 0x82, 0x40, 0xa5, 0x12, 0xb7, 0xcc, 0x37, 0xdf, 0xf7, 0x9b, 0x19, + 0xc5, 0x70, 0x2d, 0xb9, 0xd9, 0xa1, 0x7a, 0x2f, 0x64, 0x99, 0x7c, 0x7a, 0xc1, 0xaa, 0x7a, 0xcb, + 0x86, 0x89, 0x16, 0x05, 0xcf, 0x99, 0x8a, 0x6b, 0x85, 0x06, 0xe9, 0x23, 0xa1, 0x8d, 0xc0, 0xf8, + 0xb7, 0x31, 0x3e, 0x18, 0xaf, 0x8e, 0xa6, 0x4b, 0x66, 0xf8, 0x8e, 0x7d, 0x6e, 0xd3, 0x37, 0xdf, + 0x09, 0xb8, 0xcb, 0x96, 0x47, 0xdf, 0xc2, 0x83, 0xc6, 0x5d, 0x21, 0x2b, 0x32, 0xcd, 0x2b, 0x9e, + 0x1b, 0x54, 0x01, 0x09, 0x49, 0xe4, 0xdd, 0x3e, 0x8f, 0xff, 0x39, 0x25, 0x7e, 0xd3, 0x65, 0x96, + 0x5d, 0x24, 0xf5, 0x77, 0x7f, 0x29, 0x74, 0x0c, 0xae, 0x90, 0xa5, 0xe2, 0x5a, 0x07, 0x67, 0x61, + 0x2f, 0xf2, 0x6e, 0xa3, 0x13, 0xbc, 0x59, 0xd3, 0x99, 0x0b, 0x6d, 0xb8, 0xe4, 0x2a, 0x3d, 0x04, + 0xe9, 0x4b, 0x70, 0x78, 0x8b, 0xe8, 0xfd, 0x27, 0xa2, 0xcb, 0xdd, 0xfc, 0x20, 0x70, 0xef, 0x8f, + 0x0e, 0xa5, 0xd0, 0x97, 0xec, 0x03, 0xb7, 0x47, 0x5e, 0xa6, 0xf6, 0x9b, 0x0e, 0xa1, 0x5f, 0xa3, + 0x32, 0xc1, 0x99, 0x3d, 0xfc, 0xf1, 0x89, 0x29, 0x0b, 0x54, 0x26, 0xb5, 0x66, 0x7a, 0x0d, 0x77, + 0xd7, 0x42, 0x16, 0x19, 0x2b, 0x8a, 0x6e, 0xc5, 0x06, 0xe8, 0x35, 0xda, 0xa8, 0x95, 0x68, 0xd8, + 0x59, 0x0c, 0x66, 0x96, 0xdf, 0x0f, 0x49, 0x74, 0x91, 0x42, 0xa3, 0xad, 0xb0, 0x41, 0xd1, 0x2b, + 0xb8, 0xb0, 0x3f, 0x25, 0xc7, 0x2a, 0x38, 0xb7, 0x80, 0x5f, 0x35, 0x7d, 0x08, 0xe7, 0x5b, 0xd4, + 0x46, 0x07, 0x4e, 0xd8, 0x8b, 0x2e, 0xd3, 0xb6, 0xa0, 0x4f, 0xc1, 0x2f, 0xf8, 0x86, 0x7d, 0xac, + 0x4c, 0xc6, 0x65, 0x51, 0xa3, 0x90, 0x26, 0x70, 0x6d, 0xf2, 0x7e, 0xa7, 0x4f, 0x3b, 0xf9, 0xd9, + 0x13, 0xf0, 0x26, 0x28, 0x37, 0xa2, 0x5c, 0xe6, 0x58, 0x73, 0x0a, 0xe0, 0x2c, 0x5e, 0x8d, 0xe7, + 0xb3, 0x89, 0x7f, 0x87, 0x7a, 0xe0, 0x2e, 0xd2, 0xd9, 0xeb, 0xd1, 0x6a, 0xea, 0x93, 0x71, 0xfc, + 0x65, 0x3f, 0x20, 0x5f, 0xf7, 0x03, 0xf2, 0x6d, 0x3f, 0x20, 0xef, 0xc2, 0xf6, 0x7a, 0x81, 0x09, + 0xab, 0x45, 0x72, 0xe4, 0x39, 0xad, 0x1d, 0xbb, 0xe2, 0xf0, 0x67, 0x00, 0x00, 0x00, 0xff, 0xff, + 0x49, 0xd2, 0x98, 0x14, 0xaa, 0x02, 0x00, 0x00, } diff --git a/networking/v1alpha3/sidecar.proto b/networking/v1alpha3/sidecar.proto index 52f94c8604..0f1c882512 100644 --- a/networking/v1alpha3/sidecar.proto +++ b/networking/v1alpha3/sidecar.proto @@ -33,10 +33,11 @@ option go_package = "istio.io/api/networking/v1alpha3"; // // Services and configuration in a mesh are organized into one or more // namespaces (e.g., a Kubernetes namespace or a CF org/space). A Sidecar -// resource in a namespace will apply to all workloads in the namespace. -// *_Currently, each namespace should have only one Sidecar resource named -// "default"_*. The behavior of the system is undefined if more than one -// Sidecar resource exists in a given namespace. +// resource in a namespace will apply to all workloads in the namespace in +// the absence of a workload selector. *_Currently, each namespace should +// have only one Sidecar resource without any workload selector_*. The +// behavior of the system is undefined if more than one Sidecar resource +// exists in a given namespace. // // The example below delcares a Sidecar resource in the prod-us1 namespace // that configures the sidecar to proxy egress traffic for services in the @@ -58,7 +59,7 @@ option go_package = "istio.io/api/networking/v1alpha3"; // ``` // // The example below delcares a Sidecar resource in the prod-us1 namespace -// that accepts inbound HTTP traffic on port 10.10.10.10:9080 and forwards +// that accepts inbound HTTP traffic on port 9080 and forwards // it to the attached workload listening on a unix domain socket. In the // egress direction, in addition to the istio-system namespace, the sidecar // proxies only HTTP traffic bound for port 9080 for services in the @@ -72,19 +73,24 @@ option go_package = "istio.io/api/networking/v1alpha3"; // namespace: prod-us1 // spec: // ingress: -// - bind: tcp://10.10.10.10:9080 -// protocol: HTTP +// - port: +// number: 9080 +// protocol: HTTP +// name: somename // defaultEndpoint: unix:///var/run/someuds.sock // egress: // - hosts: // - "istio-system/*" -// - bind: tcp://0.0.0.0:9080 -// protocol: HTTP +// - port: +// number: 9080 +// protocol: HTTP +// name: egresshttp // hosts: // - "prod-us1/*" // ``` // message Sidecar { + // $hide_from_docs // Criteria used to select the specific set of pods/VMs on which this // sidecar configuration should be applied. If omitted, the sidecar // configuration will be applied to all workloads in the current config @@ -108,15 +114,30 @@ message Sidecar { // IstioListener specifies the properties of a single listener on the // sidecar proxy attached to a workload. message IstioListener { - // An arbitrary name associated with the listener used for emitting metrics. + // An optional arbitrary name associated with the listener used for + // emitting metrics. string name = 1; - // The ip:port or the unix domain socket to which the listener should be - // bound to. Format: tcp://x.x.x.x:yyyy or unix:///path/to/uds or - // unix://@foobar (Linux abstract namespace). To bind to any IP with - // specific port, use tcp://0.0.0.0: - string bind_address = 2; + // REQUIRED for ingress. The port associated with the listener. If using + // unix domain socket, use 0 as the port number, with a valid + // protocol. In the egress path, the port if specified, will be used as + // the default destination port associated with the imported hosts. If + // the port is omitted, Istio will infer the listener ports based on the + // imported hosts. Note that when multiple egress listeners are + // specified, where one or more listeners have specific ports while + // others have no port, the hosts exposed on a listener port will be + // based on the listener with the most specific port. + Port port = 2; + // The ip or the unix domain socket to which the listener should be bound + // to. Port MUST be specified if bindAddress is not empty. Format: + // x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux abstract + // namespace). If omitted, Istio will autoconfigure the defaults based on + // imported services and the workload to which this configuration is + // applied to. + string bind_address = 3; + + // $hide_from_docs // When the bind address is an IP:port, the bindToPort option dictates // whether or not the sidecar should bind its listener socket to the // specified port. Set bindToPort to false (default) if application @@ -126,15 +147,14 @@ message IstioListener { // iptables for traffic capture, set bindToPort to true to force the // sidecar to bind to the specified port. Note that the binding might // fail if the application workload is already bound to the same port. - bool bind_to_port = 3; + bool bind_to_port = 4; - // The protocol associated with this listener. - // MUST BE one of HTTP|TCP|TLS|MONGO. - // TLS implies the connection will be routed based on the SNI header. - // HTTP implies HTTP 1.1/HTTP 2/gRPC - string protocol = 4; + // Specifies the protocol associated with this listener. Recognized + // values are HTTP|TCP|MONGO|MYSQL. Any other value will be treated as + // equivalent to TCP. + string protocol = 5; - // One or more hosts (HTTP or SNI) exposed by the listener in + // One or more services/virtualServices exposed by the listener in // namespace/dnsName format. _*Hosts will be ignored for ingress // servers*_. For egress servers, the hosts field results in importing // one or more publicly scoped services and VirtualServices from remote @@ -154,15 +174,15 @@ message IstioListener { // namespace can be imported. Private services/configuration will not be // imported. Refer to the scope setting associated with VirtualService, // DestinationRule, ServiceEntry, etc. for details. - repeated string hosts = 5; + repeated string hosts = 6; // The IP endpoint or unix domain socket to which traffic should be // forwarded to by default. In the context of an ingress server, this // configuration can be used to redirect traffic arriving at the bind // point on the sidecar to a port or unix domain socket where the // application workload is listening for connections. Format should be - // tcp://127.0.0.1:PORT or unix:///path/to/socket - string default_endpoint = 6; + // 127.0.0.1:PORT or unix:///path/to/socket + string default_endpoint = 7; } // ConfigScope defines the visibility of an Istio configuration artifact in diff --git a/proto.lock b/proto.lock index e0127b832c..1e32e0db8b 100644 --- a/proto.lock +++ b/proto.lock @@ -823,7 +823,7 @@ "type": "bool" }, { - "id": 30, + "id": 29, "name": "sds_use_k8s_sa_jwt", "type": "bool" }, @@ -835,8 +835,7 @@ ], "reserved_ids": [ 15, - 18, - 29 + 18 ], "messages": [ { @@ -3140,13 +3139,6 @@ }, { "name": "WorkloadSelector", - "fields": [ - { - "id": 2, - "name": "ip", - "type": "string" - } - ], "maps": [ { "key_type": "string", @@ -3340,27 +3332,32 @@ }, { "id": 2, + "name": "port", + "type": "Port" + }, + { + "id": 3, "name": "bind_address", "type": "string" }, { - "id": 3, + "id": 4, "name": "bind_to_port", "type": "bool" }, { - "id": 4, + "id": 5, "name": "protocol", "type": "string" }, { - "id": 5, + "id": 6, "name": "hosts", "type": "string", "is_repeated": true }, { - "id": 6, + "id": 7, "name": "default_endpoint", "type": "string" } diff --git a/python/istio_api/mesh/v1alpha1/config_pb2.py b/python/istio_api/mesh/v1alpha1/config_pb2.py index f5bb87ad8b..5781f69a5d 100644 --- a/python/istio_api/mesh/v1alpha1/config_pb2.py +++ b/python/istio_api/mesh/v1alpha1/config_pb2.py @@ -22,7 +22,7 @@ name='mesh/v1alpha1/config.proto', package='istio.mesh.v1alpha1', syntax='proto3', - serialized_pb=_b('\n\x1amesh/v1alpha1/config.proto\x12\x13istio.mesh.v1alpha1\x1a\x1egoogle/protobuf/duration.proto\x1a\x19mesh/v1alpha1/proxy.proto\x1a*networking/v1alpha3/destination_rule.proto\"\xff\x0b\n\nMeshConfig\x12\x1a\n\x12mixer_check_server\x18\x01 \x01(\t\x12\x1b\n\x13mixer_report_server\x18\x02 \x01(\t\x12\x1d\n\x15\x64isable_policy_checks\x18\x03 \x01(\x08\x12\x1e\n\x16policy_check_fail_open\x18\x19 \x01(\x08\x12\x19\n\x11proxy_listen_port\x18\x04 \x01(\x05\x12\x17\n\x0fproxy_http_port\x18\x05 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x06 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x61\n\rtcp_keepalive\x18\x1c \x01(\x0b\x32J.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive\x12\x15\n\ringress_class\x18\x07 \x01(\t\x12\x17\n\x0fingress_service\x18\x08 \x01(\t\x12V\n\x17ingress_controller_mode\x18\t \x01(\x0e\x32\x35.istio.mesh.v1alpha1.MeshConfig.IngressControllerMode\x12\x43\n\x0b\x61uth_policy\x18\n \x01(\x0e\x32*.istio.mesh.v1alpha1.MeshConfig.AuthPolicyB\x02\x18\x01\x12\x38\n\x11rds_refresh_delay\x18\x0b \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x16\n\x0e\x65nable_tracing\x18\x0c \x01(\x08\x12\x17\n\x0f\x61\x63\x63\x65ss_log_file\x18\r \x01(\t\x12\x19\n\x11\x61\x63\x63\x65ss_log_format\x18\x18 \x01(\t\x12N\n\x13\x61\x63\x63\x65ss_log_encoding\x18\x1b \x01(\x0e\x32\x31.istio.mesh.v1alpha1.MeshConfig.AccessLogEncoding\x12\x38\n\x0e\x64\x65\x66\x61ult_config\x18\x0e \x01(\x0b\x32 .istio.mesh.v1alpha1.ProxyConfig\x12\x19\n\rmixer_address\x18\x10 \x01(\tB\x02\x18\x01\x12Z\n\x17outbound_traffic_policy\x18\x11 \x01(\x0b\x32\x35.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicyB\x02\x18\x01\x12\'\n\x1f\x65nable_client_side_policy_check\x18\x13 \x01(\x08\x12\x14\n\x0csds_uds_path\x18\x14 \x01(\t\x12\x38\n\x11sds_refresh_delay\x18\x15 \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x39\n\x0e\x63onfig_sources\x18\x16 \x03(\x0b\x32!.istio.mesh.v1alpha1.ConfigSource\x12\x1e\n\x16\x65nable_sds_token_mount\x18\x17 \x01(\x08\x12\x1a\n\x12sds_use_k8s_sa_jwt\x18\x1e \x01(\x08\x12\x14\n\x0ctrust_domain\x18\x1a \x01(\t\x1a\xb5\x01\n\x15OutboundTrafficPolicy\x12L\n\x04mode\x18\x01 \x01(\x0e\x32:.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy.ModeB\x02\x18\x01\"N\n\x04Mode\x12\x15\n\rREGISTRY_ONLY\x10\x00\x1a\x02\x08\x01\x12\x11\n\tALLOW_ANY\x10\x01\x1a\x02\x08\x01\x12\x1c\n\x14VIRTUAL_SERVICE_ONLY\x10\x02\x1a\x02\x08\x01\"9\n\x15IngressControllerMode\x12\x07\n\x03OFF\x10\x00\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x01\x12\n\n\x06STRICT\x10\x02\"&\n\nAuthPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01\"\'\n\x11\x41\x63\x63\x65ssLogEncoding\x12\x08\n\x04TEXT\x10\x00\x12\x08\n\x04JSON\x10\x01J\x04\x08\x0f\x10\x10J\x04\x08\x12\x10\x13J\x04\x08\x1d\x10\x1e\"]\n\x0c\x43onfigSource\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12<\n\x0ctls_settings\x18\x02 \x01(\x0b\x32&.istio.networking.v1alpha3.TLSSettingsB\x1cZ\x1aistio.io/api/mesh/v1alpha1b\x06proto3') + serialized_pb=_b('\n\x1amesh/v1alpha1/config.proto\x12\x13istio.mesh.v1alpha1\x1a\x1egoogle/protobuf/duration.proto\x1a\x19mesh/v1alpha1/proxy.proto\x1a*networking/v1alpha3/destination_rule.proto\"\xf9\x0b\n\nMeshConfig\x12\x1a\n\x12mixer_check_server\x18\x01 \x01(\t\x12\x1b\n\x13mixer_report_server\x18\x02 \x01(\t\x12\x1d\n\x15\x64isable_policy_checks\x18\x03 \x01(\x08\x12\x1e\n\x16policy_check_fail_open\x18\x19 \x01(\x08\x12\x19\n\x11proxy_listen_port\x18\x04 \x01(\x05\x12\x17\n\x0fproxy_http_port\x18\x05 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x06 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x61\n\rtcp_keepalive\x18\x1c \x01(\x0b\x32J.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive\x12\x15\n\ringress_class\x18\x07 \x01(\t\x12\x17\n\x0fingress_service\x18\x08 \x01(\t\x12V\n\x17ingress_controller_mode\x18\t \x01(\x0e\x32\x35.istio.mesh.v1alpha1.MeshConfig.IngressControllerMode\x12\x43\n\x0b\x61uth_policy\x18\n \x01(\x0e\x32*.istio.mesh.v1alpha1.MeshConfig.AuthPolicyB\x02\x18\x01\x12\x38\n\x11rds_refresh_delay\x18\x0b \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x16\n\x0e\x65nable_tracing\x18\x0c \x01(\x08\x12\x17\n\x0f\x61\x63\x63\x65ss_log_file\x18\r \x01(\t\x12\x19\n\x11\x61\x63\x63\x65ss_log_format\x18\x18 \x01(\t\x12N\n\x13\x61\x63\x63\x65ss_log_encoding\x18\x1b \x01(\x0e\x32\x31.istio.mesh.v1alpha1.MeshConfig.AccessLogEncoding\x12\x38\n\x0e\x64\x65\x66\x61ult_config\x18\x0e \x01(\x0b\x32 .istio.mesh.v1alpha1.ProxyConfig\x12\x19\n\rmixer_address\x18\x10 \x01(\tB\x02\x18\x01\x12Z\n\x17outbound_traffic_policy\x18\x11 \x01(\x0b\x32\x35.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicyB\x02\x18\x01\x12\'\n\x1f\x65nable_client_side_policy_check\x18\x13 \x01(\x08\x12\x14\n\x0csds_uds_path\x18\x14 \x01(\t\x12\x38\n\x11sds_refresh_delay\x18\x15 \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x39\n\x0e\x63onfig_sources\x18\x16 \x03(\x0b\x32!.istio.mesh.v1alpha1.ConfigSource\x12\x1e\n\x16\x65nable_sds_token_mount\x18\x17 \x01(\x08\x12\x1a\n\x12sds_use_k8s_sa_jwt\x18\x1d \x01(\x08\x12\x14\n\x0ctrust_domain\x18\x1a \x01(\t\x1a\xb5\x01\n\x15OutboundTrafficPolicy\x12L\n\x04mode\x18\x01 \x01(\x0e\x32:.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy.ModeB\x02\x18\x01\"N\n\x04Mode\x12\x15\n\rREGISTRY_ONLY\x10\x00\x1a\x02\x08\x01\x12\x11\n\tALLOW_ANY\x10\x01\x1a\x02\x08\x01\x12\x1c\n\x14VIRTUAL_SERVICE_ONLY\x10\x02\x1a\x02\x08\x01\"9\n\x15IngressControllerMode\x12\x07\n\x03OFF\x10\x00\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x01\x12\n\n\x06STRICT\x10\x02\"&\n\nAuthPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01\"\'\n\x11\x41\x63\x63\x65ssLogEncoding\x12\x08\n\x04TEXT\x10\x00\x12\x08\n\x04JSON\x10\x01J\x04\x08\x0f\x10\x10J\x04\x08\x12\x10\x13\"]\n\x0c\x43onfigSource\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12<\n\x0ctls_settings\x18\x02 \x01(\x0b\x32&.istio.networking.v1alpha3.TLSSettingsB\x1cZ\x1aistio.io/api/mesh/v1alpha1b\x06proto3') , dependencies=[google_dot_protobuf_dot_duration__pb2.DESCRIPTOR,mesh_dot_v1alpha1_dot_proxy__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_destination__rule__pb2.DESCRIPTOR,]) @@ -340,7 +340,7 @@ options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( name='sds_use_k8s_sa_jwt', full_name='istio.mesh.v1alpha1.MeshConfig.sds_use_k8s_sa_jwt', index=25, - number=30, type=8, cpp_type=7, label=1, + number=29, type=8, cpp_type=7, label=1, has_default_value=False, default_value=False, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, @@ -368,7 +368,7 @@ oneofs=[ ], serialized_start=155, - serialized_end=1690, + serialized_end=1684, ) @@ -405,8 +405,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1692, - serialized_end=1785, + serialized_start=1686, + serialized_end=1779, ) _MESHCONFIG_OUTBOUNDTRAFFICPOLICY.fields_by_name['mode'].enum_type = _MESHCONFIG_OUTBOUNDTRAFFICPOLICY_MODE diff --git a/python/istio_api/networking/v1alpha3/gateway_pb2.py b/python/istio_api/networking/v1alpha3/gateway_pb2.py index c7587d7a90..cd9e8ae01d 100644 --- a/python/istio_api/networking/v1alpha3/gateway_pb2.py +++ b/python/istio_api/networking/v1alpha3/gateway_pb2.py @@ -19,7 +19,7 @@ name='networking/v1alpha3/gateway.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n!networking/v1alpha3/gateway.proto\x12\x19istio.networking.v1alpha3\"\xfe\x01\n\x07Gateway\x12\x32\n\x07servers\x18\x01 \x03(\x0b\x32!.istio.networking.v1alpha3.Server\x12\x46\n\x08selector\x18\x02 \x03(\x0b\x32\x30.istio.networking.v1alpha3.Gateway.SelectorEntryB\x02\x18\x01\x12\x46\n\x11workload_selector\x18\x03 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x1a/\n\rSelectorEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xf1\x05\n\x06Server\x12\x0c\n\x04name\x18\x06 \x01(\t\x12-\n\x04port\x18\x01 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x14\n\x0c\x62ind_address\x18\x05 \x01(\t\x12\r\n\x05hosts\x18\x02 \x03(\t\x12\x39\n\x03tls\x18\x03 \x01(\x0b\x32,.istio.networking.v1alpha3.Server.TLSOptions\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x04 \x01(\t\x1a\xaf\x04\n\nTLSOptions\x12\x16\n\x0ehttps_redirect\x18\x01 \x01(\x08\x12\x42\n\x04mode\x18\x02 \x01(\x0e\x32\x34.istio.networking.v1alpha3.Server.TLSOptions.TLSmode\x12\x1a\n\x12server_certificate\x18\x03 \x01(\t\x12\x13\n\x0bprivate_key\x18\x04 \x01(\t\x12\x17\n\x0f\x63\x61_certificates\x18\x05 \x01(\t\x12\x19\n\x11subject_alt_names\x18\x06 \x03(\t\x12V\n\x14min_protocol_version\x18\x07 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12V\n\x14max_protocol_version\x18\x08 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12\x15\n\rcipher_suites\x18\t \x03(\t\"H\n\x07TLSmode\x12\x0f\n\x0bPASSTHROUGH\x10\x00\x12\n\n\x06SIMPLE\x10\x01\x12\n\n\x06MUTUAL\x10\x02\x12\x14\n\x10\x41UTO_PASSTHROUGH\x10\x03\"O\n\x0bTLSProtocol\x12\x0c\n\x08TLS_AUTO\x10\x00\x12\x0b\n\x07TLSV1_0\x10\x01\x12\x0b\n\x07TLSV1_1\x10\x02\x12\x0b\n\x07TLSV1_2\x10\x03\x12\x0b\n\x07TLSV1_3\x10\x04\"6\n\x04Port\x12\x0e\n\x06number\x18\x01 \x01(\r\x12\x10\n\x08protocol\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\t\"\x96\x01\n\x10WorkloadSelector\x12G\n\x06labels\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.WorkloadSelector.LabelsEntry\x12\n\n\x02ip\x18\x02 \x01(\t\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n!networking/v1alpha3/gateway.proto\x12\x19istio.networking.v1alpha3\"\xfe\x01\n\x07Gateway\x12\x32\n\x07servers\x18\x01 \x03(\x0b\x32!.istio.networking.v1alpha3.Server\x12\x46\n\x08selector\x18\x02 \x03(\x0b\x32\x30.istio.networking.v1alpha3.Gateway.SelectorEntryB\x02\x18\x01\x12\x46\n\x11workload_selector\x18\x03 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x1a/\n\rSelectorEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xf1\x05\n\x06Server\x12\x0c\n\x04name\x18\x06 \x01(\t\x12-\n\x04port\x18\x01 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x14\n\x0c\x62ind_address\x18\x05 \x01(\t\x12\r\n\x05hosts\x18\x02 \x03(\t\x12\x39\n\x03tls\x18\x03 \x01(\x0b\x32,.istio.networking.v1alpha3.Server.TLSOptions\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x04 \x01(\t\x1a\xaf\x04\n\nTLSOptions\x12\x16\n\x0ehttps_redirect\x18\x01 \x01(\x08\x12\x42\n\x04mode\x18\x02 \x01(\x0e\x32\x34.istio.networking.v1alpha3.Server.TLSOptions.TLSmode\x12\x1a\n\x12server_certificate\x18\x03 \x01(\t\x12\x13\n\x0bprivate_key\x18\x04 \x01(\t\x12\x17\n\x0f\x63\x61_certificates\x18\x05 \x01(\t\x12\x19\n\x11subject_alt_names\x18\x06 \x03(\t\x12V\n\x14min_protocol_version\x18\x07 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12V\n\x14max_protocol_version\x18\x08 \x01(\x0e\x32\x38.istio.networking.v1alpha3.Server.TLSOptions.TLSProtocol\x12\x15\n\rcipher_suites\x18\t \x03(\t\"H\n\x07TLSmode\x12\x0f\n\x0bPASSTHROUGH\x10\x00\x12\n\n\x06SIMPLE\x10\x01\x12\n\n\x06MUTUAL\x10\x02\x12\x14\n\x10\x41UTO_PASSTHROUGH\x10\x03\"O\n\x0bTLSProtocol\x12\x0c\n\x08TLS_AUTO\x10\x00\x12\x0b\n\x07TLSV1_0\x10\x01\x12\x0b\n\x07TLSV1_1\x10\x02\x12\x0b\n\x07TLSV1_2\x10\x03\x12\x0b\n\x07TLSV1_3\x10\x04\"6\n\x04Port\x12\x0e\n\x06number\x18\x01 \x01(\r\x12\x10\n\x08protocol\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\t\"\x8a\x01\n\x10WorkloadSelector\x12G\n\x06labels\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.WorkloadSelector.LabelsEntry\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') ) @@ -403,8 +403,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1239, - serialized_end=1284, + serialized_start=1227, + serialized_end=1272, ) _WORKLOADSELECTOR = _descriptor.Descriptor( @@ -421,13 +421,6 @@ message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), - _descriptor.FieldDescriptor( - name='ip', full_name='istio.networking.v1alpha3.WorkloadSelector.ip', index=1, - number=2, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - options=None, file=DESCRIPTOR), ], extensions=[ ], @@ -441,7 +434,7 @@ oneofs=[ ], serialized_start=1134, - serialized_end=1284, + serialized_end=1272, ) _GATEWAY_SELECTORENTRY.containing_type = _GATEWAY diff --git a/python/istio_api/networking/v1alpha3/sidecar_pb2.py b/python/istio_api/networking/v1alpha3/sidecar_pb2.py index 5e0ce438b0..3867e6bce8 100644 --- a/python/istio_api/networking/v1alpha3/sidecar_pb2.py +++ b/python/istio_api/networking/v1alpha3/sidecar_pb2.py @@ -21,7 +21,7 @@ name='networking/v1alpha3/sidecar.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n!networking/v1alpha3/sidecar.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\"\xc6\x01\n\x07Sidecar\x12\x46\n\x11workload_selector\x18\x01 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x12\x39\n\x07ingress\x18\x02 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\x12\x38\n\x06\x65gress\x18\x03 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\"\x84\x01\n\rIstioListener\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0c\x62ind_address\x18\x02 \x01(\t\x12\x14\n\x0c\x62ind_to_port\x18\x03 \x01(\x08\x12\x10\n\x08protocol\x18\x04 \x01(\t\x12\r\n\x05hosts\x18\x05 \x03(\t\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x06 \x01(\t*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n!networking/v1alpha3/sidecar.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\"\xc6\x01\n\x07Sidecar\x12\x46\n\x11workload_selector\x18\x01 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x12\x39\n\x07ingress\x18\x02 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\x12\x38\n\x06\x65gress\x18\x03 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\"\xb3\x01\n\rIstioListener\x12\x0c\n\x04name\x18\x01 \x01(\t\x12-\n\x04port\x18\x02 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x14\n\x0c\x62ind_address\x18\x03 \x01(\t\x12\x14\n\x0c\x62ind_to_port\x18\x04 \x01(\x08\x12\x10\n\x08protocol\x18\x05 \x01(\t\x12\r\n\x05hosts\x18\x06 \x03(\t\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x07 \x01(\t*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') , dependencies=[networking_dot_v1alpha3_dot_gateway__pb2.DESCRIPTOR,]) @@ -42,8 +42,8 @@ ], containing_type=None, options=None, - serialized_start=435, - serialized_end=473, + serialized_start=482, + serialized_end=520, ) _sym_db.RegisterEnumDescriptor(_CONFIGSCOPE) @@ -113,36 +113,43 @@ is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='bind_address', full_name='istio.networking.v1alpha3.IstioListener.bind_address', index=1, - number=2, type=9, cpp_type=9, label=1, + name='port', full_name='istio.networking.v1alpha3.IstioListener.port', index=1, + number=2, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='bind_address', full_name='istio.networking.v1alpha3.IstioListener.bind_address', index=2, + number=3, type=9, cpp_type=9, label=1, has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='bind_to_port', full_name='istio.networking.v1alpha3.IstioListener.bind_to_port', index=2, - number=3, type=8, cpp_type=7, label=1, + name='bind_to_port', full_name='istio.networking.v1alpha3.IstioListener.bind_to_port', index=3, + number=4, type=8, cpp_type=7, label=1, has_default_value=False, default_value=False, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='protocol', full_name='istio.networking.v1alpha3.IstioListener.protocol', index=3, - number=4, type=9, cpp_type=9, label=1, + name='protocol', full_name='istio.networking.v1alpha3.IstioListener.protocol', index=4, + number=5, type=9, cpp_type=9, label=1, has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='hosts', full_name='istio.networking.v1alpha3.IstioListener.hosts', index=4, - number=5, type=9, cpp_type=9, label=3, + name='hosts', full_name='istio.networking.v1alpha3.IstioListener.hosts', index=5, + number=6, type=9, cpp_type=9, label=3, has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='default_endpoint', full_name='istio.networking.v1alpha3.IstioListener.default_endpoint', index=5, - number=6, type=9, cpp_type=9, label=1, + name='default_endpoint', full_name='istio.networking.v1alpha3.IstioListener.default_endpoint', index=6, + number=7, type=9, cpp_type=9, label=1, has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, @@ -160,12 +167,13 @@ oneofs=[ ], serialized_start=301, - serialized_end=433, + serialized_end=480, ) _SIDECAR.fields_by_name['workload_selector'].message_type = networking_dot_v1alpha3_dot_gateway__pb2._WORKLOADSELECTOR _SIDECAR.fields_by_name['ingress'].message_type = _ISTIOLISTENER _SIDECAR.fields_by_name['egress'].message_type = _ISTIOLISTENER +_ISTIOLISTENER.fields_by_name['port'].message_type = networking_dot_v1alpha3_dot_gateway__pb2._PORT DESCRIPTOR.message_types_by_name['Sidecar'] = _SIDECAR DESCRIPTOR.message_types_by_name['IstioListener'] = _ISTIOLISTENER DESCRIPTOR.enum_types_by_name['ConfigScope'] = _CONFIGSCOPE From 2686d00aecb8617f2748bd712cd8f2a6fd1859b5 Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Tue, 1 Jan 2019 18:15:47 -0500 Subject: [PATCH 05/11] update protolock Signed-off-by: Shriram Rajagopalan --- proto.lock | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/proto.lock b/proto.lock index 460bdf54a0..3ed912ea4b 100644 --- a/proto.lock +++ b/proto.lock @@ -684,11 +684,13 @@ { "name": "ALLOW_ANY", "integer": 1 - }, - { - "name": "VIRTUAL_SERVICE_ONLY", - "integer": 2 } + ], + "reserved_ids": [ + 2 + ], + "reserved_names": [ + "VIRTUAL_SERVICE_ONLY" ] } ], From 174c8284acf4bc66d07e313b5b442de50fb80dce Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Wed, 2 Jan 2019 19:59:15 -0500 Subject: [PATCH 06/11] add workloadSelector to EnvoyFilter Signed-off-by: Shriram Rajagopalan --- networking/v1alpha3/envoy_filter.pb.go | 165 ++++++++++++------ networking/v1alpha3/envoy_filter.proto | 7 + .../istio.networking.v1alpha3.pb.html | 84 +-------- networking/v1alpha3/sidecar.pb.go | 148 ++++------------ networking/v1alpha3/sidecar.proto | 79 +++++---- proto.lock | 12 +- .../networking/v1alpha3/envoy_filter_pb2.py | 51 +++--- .../networking/v1alpha3/sidecar_pb2.py | 23 +-- 8 files changed, 238 insertions(+), 331 deletions(-) diff --git a/networking/v1alpha3/envoy_filter.pb.go b/networking/v1alpha3/envoy_filter.pb.go index f71ab80395..d9bca4acbc 100644 --- a/networking/v1alpha3/envoy_filter.pb.go +++ b/networking/v1alpha3/envoy_filter.pb.go @@ -188,6 +188,11 @@ type EnvoyFilter struct { // The behavior is undefined if multiple EnvoyFilter configurations are // specified for the same workload. WorkloadLabels map[string]string `protobuf:"bytes,1,rep,name=workload_labels,json=workloadLabels" json:"workload_labels,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + // $hide_from_docs + // Criteria used to select the specific set of pods/VMs + // on which this EnvoyFilter configuration should be applied. Precisely + // one of workloadLabels or workloadSelector must be specified. + WorkloadSelector *WorkloadSelector `protobuf:"bytes,3,opt,name=workload_selector,json=workloadSelector" json:"workload_selector,omitempty"` // REQUIRED: Envoy network filters/http filters to be added to matching // listeners. When adding network filters to http connections, care // should be taken to ensure that the filter is added before @@ -207,6 +212,13 @@ func (m *EnvoyFilter) GetWorkloadLabels() map[string]string { return nil } +func (m *EnvoyFilter) GetWorkloadSelector() *WorkloadSelector { + if m != nil { + return m.WorkloadSelector + } + return nil +} + func (m *EnvoyFilter) GetFilters() []*EnvoyFilter_Filter { if m != nil { return m.Filters @@ -425,6 +437,16 @@ func (m *EnvoyFilter) MarshalTo(dAtA []byte) (int, error) { i += n } } + if m.WorkloadSelector != nil { + dAtA[i] = 0x1a + i++ + i = encodeVarintEnvoyFilter(dAtA, i, uint64(m.WorkloadSelector.Size())) + n1, err := m.WorkloadSelector.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n1 + } return i, nil } @@ -530,21 +552,21 @@ func (m *EnvoyFilter_Filter) MarshalTo(dAtA []byte) (int, error) { dAtA[i] = 0xa i++ i = encodeVarintEnvoyFilter(dAtA, i, uint64(m.ListenerMatch.Size())) - n1, err := m.ListenerMatch.MarshalTo(dAtA[i:]) + n2, err := m.ListenerMatch.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n1 + i += n2 } if m.InsertPosition != nil { dAtA[i] = 0x12 i++ i = encodeVarintEnvoyFilter(dAtA, i, uint64(m.InsertPosition.Size())) - n2, err := m.InsertPosition.MarshalTo(dAtA[i:]) + n3, err := m.InsertPosition.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n2 + i += n3 } if m.FilterType != 0 { dAtA[i] = 0x18 @@ -561,11 +583,11 @@ func (m *EnvoyFilter_Filter) MarshalTo(dAtA []byte) (int, error) { dAtA[i] = 0x2a i++ i = encodeVarintEnvoyFilter(dAtA, i, uint64(m.FilterConfig.Size())) - n3, err := m.FilterConfig.MarshalTo(dAtA[i:]) + n4, err := m.FilterConfig.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n3 + i += n4 } return i, nil } @@ -596,6 +618,10 @@ func (m *EnvoyFilter) Size() (n int) { n += 1 + l + sovEnvoyFilter(uint64(l)) } } + if m.WorkloadSelector != nil { + l = m.WorkloadSelector.Size() + n += 1 + l + sovEnvoyFilter(uint64(l)) + } return n } @@ -853,6 +879,39 @@ func (m *EnvoyFilter) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field WorkloadSelector", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowEnvoyFilter + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthEnvoyFilter + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.WorkloadSelector == nil { + m.WorkloadSelector = &WorkloadSelector{} + } + if err := m.WorkloadSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipEnvoyFilter(dAtA[iNdEx:]) @@ -1442,50 +1501,52 @@ var ( func init() { proto.RegisterFile("networking/v1alpha3/envoy_filter.proto", fileDescriptorEnvoyFilter) } var fileDescriptorEnvoyFilter = []byte{ - // 706 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x54, 0x41, 0x6f, 0xda, 0x4c, - 0x10, 0x8d, 0x71, 0x08, 0x1f, 0xe3, 0x40, 0xfc, 0x6d, 0x22, 0xd5, 0x45, 0x55, 0x8a, 0x38, 0x54, - 0x5c, 0x6a, 0x5a, 0xd2, 0x4a, 0x51, 0xda, 0x8b, 0x93, 0x98, 0x14, 0x95, 0x02, 0x5d, 0x9c, 0x46, - 0x69, 0xa5, 0x5a, 0x06, 0x16, 0xb2, 0x8a, 0xf1, 0x5a, 0xf6, 0x42, 0xc2, 0xcf, 0xea, 0xb1, 0xd7, - 0x9e, 0x7a, 0x6c, 0xff, 0x41, 0x95, 0x5f, 0x52, 0x79, 0x6d, 0x08, 0x44, 0xa9, 0x94, 0xa6, 0x27, - 0x7b, 0x9f, 0xde, 0xbc, 0x99, 0xd9, 0x79, 0xb3, 0xf0, 0xc4, 0x23, 0xfc, 0x82, 0x05, 0xe7, 0xd4, - 0x1b, 0x56, 0x26, 0xcf, 0x1d, 0xd7, 0x3f, 0x73, 0x76, 0x2a, 0xc4, 0x9b, 0xb0, 0xa9, 0x3d, 0xa0, - 0x2e, 0x27, 0x81, 0xee, 0x07, 0x8c, 0x33, 0xf4, 0x90, 0x86, 0x9c, 0x32, 0xfd, 0x9a, 0xad, 0xcf, - 0xd8, 0x85, 0x47, 0x43, 0xc6, 0x86, 0x2e, 0xa9, 0x08, 0x62, 0x77, 0x3c, 0xa8, 0x84, 0x3c, 0x18, - 0xf7, 0x78, 0x1c, 0x58, 0xfa, 0x06, 0xa0, 0x98, 0x91, 0x5e, 0x4d, 0xc8, 0xa1, 0x1e, 0x6c, 0x44, - 0x0a, 0x2e, 0x73, 0xfa, 0xb6, 0xeb, 0x74, 0x89, 0x1b, 0x6a, 0x52, 0x51, 0x2e, 0x2b, 0xd5, 0x3d, - 0xfd, 0x8f, 0x29, 0xf4, 0x05, 0x01, 0xfd, 0x24, 0x89, 0x6e, 0x88, 0x60, 0xd3, 0xe3, 0xc1, 0x14, - 0xe7, 0x2f, 0x96, 0x40, 0x74, 0x04, 0x99, 0xb8, 0xfa, 0x50, 0x4b, 0x09, 0xf1, 0xa7, 0x77, 0x14, - 0x8f, 0x3f, 0x78, 0x16, 0x5d, 0x30, 0x60, 0xf3, 0x96, 0x7c, 0x48, 0x05, 0xf9, 0x9c, 0x4c, 0x35, - 0xa9, 0x28, 0x95, 0xb3, 0x38, 0xfa, 0x45, 0x5b, 0x90, 0x9e, 0x38, 0xee, 0x98, 0x68, 0x29, 0x81, - 0xc5, 0x87, 0xbd, 0xd4, 0xae, 0x54, 0xf8, 0x29, 0x43, 0xae, 0x41, 0x43, 0x4e, 0x3c, 0x12, 0xbc, - 0x73, 0x78, 0xef, 0x0c, 0x3d, 0x06, 0xc5, 0x67, 0x01, 0xb7, 0xbd, 0xf1, 0xa8, 0x4b, 0x02, 0xa1, - 0x92, 0xc3, 0x10, 0x41, 0x4d, 0x81, 0xa0, 0x32, 0xa8, 0x31, 0xc1, 0x19, 0x11, 0xdb, 0x0f, 0xc8, - 0x80, 0x5e, 0x26, 0xba, 0x79, 0xc1, 0x72, 0x46, 0xa4, 0x2d, 0x50, 0x34, 0x80, 0x9c, 0x9b, 0x68, - 0xdb, 0x7c, 0xea, 0x13, 0x4d, 0x2e, 0x4a, 0xe5, 0x7c, 0xd5, 0xb8, 0x63, 0xbb, 0x4b, 0x75, 0xcd, - 0x4f, 0xd6, 0xd4, 0x27, 0x78, 0xdd, 0x5d, 0x38, 0xa1, 0x00, 0xfe, 0x9f, 0xe7, 0x11, 0x73, 0xed, - 0x31, 0x57, 0x5b, 0x15, 0xb9, 0xcc, 0x7f, 0xca, 0xd5, 0x4e, 0xc4, 0xb0, 0xea, 0xde, 0x40, 0x90, - 0x06, 0x19, 0xa7, 0xdf, 0x0f, 0x48, 0x18, 0x6a, 0xe9, 0xa2, 0x5c, 0xce, 0xe2, 0xd9, 0xb1, 0xd4, - 0x82, 0xf5, 0xc5, 0x5a, 0x51, 0x06, 0x64, 0xa3, 0x79, 0xaa, 0xae, 0xa0, 0x4d, 0xd8, 0xe8, 0xd4, - 0x0f, 0xcd, 0x03, 0x03, 0xdb, 0xf5, 0xe6, 0x7e, 0xeb, 0xb8, 0x79, 0xa8, 0x4a, 0x68, 0x0b, 0xd4, - 0x19, 0xd8, 0x3a, 0xb6, 0x62, 0x34, 0x85, 0x14, 0xc8, 0x1c, 0x19, 0x96, 0x79, 0x62, 0x9c, 0xaa, - 0x72, 0x49, 0x07, 0xf5, 0x66, 0x41, 0x42, 0xb4, 0xd1, 0x50, 0x57, 0xd0, 0x7f, 0xb0, 0xfa, 0xc6, - 0xb2, 0xda, 0xaa, 0x14, 0x41, 0xd6, 0x41, 0x5b, 0x4d, 0x15, 0xbe, 0x4a, 0x90, 0xaf, 0x7b, 0x21, - 0x09, 0x78, 0x9b, 0x85, 0x94, 0x53, 0xe6, 0xa1, 0xf7, 0x90, 0xa6, 0x5e, 0x9f, 0x5c, 0x8a, 0x71, - 0xe6, 0xab, 0xaf, 0xee, 0x78, 0x2b, 0xcb, 0x2a, 0x7a, 0x3d, 0x92, 0xc0, 0xb1, 0x52, 0xe4, 0x93, - 0x80, 0xb8, 0x0e, 0xa7, 0x13, 0x62, 0x73, 0x96, 0x38, 0x00, 0x66, 0x90, 0xc5, 0x4a, 0x3b, 0x90, - 0x16, 0x01, 0x28, 0x0b, 0xe9, 0x5a, 0x1d, 0x77, 0xac, 0xb8, 0xda, 0x86, 0xd1, 0xb1, 0x54, 0x09, - 0x01, 0xac, 0xed, 0x9b, 0xb5, 0x16, 0x36, 0xd5, 0x54, 0x44, 0x30, 0x6a, 0x96, 0x89, 0x55, 0xb9, - 0xf0, 0x45, 0x86, 0xb5, 0x64, 0x17, 0x3f, 0x41, 0x7e, 0x3e, 0xd5, 0x51, 0x34, 0x16, 0x51, 0xbc, - 0x52, 0x7d, 0x71, 0x9f, 0x91, 0xe2, 0xb9, 0x13, 0x63, 0x97, 0x7f, 0x86, 0x0d, 0x2a, 0x9a, 0xb3, - 0xfd, 0xa4, 0x3b, 0xd1, 0x81, 0x52, 0x7d, 0x79, 0xaf, 0xab, 0xc1, 0x79, 0xba, 0x7c, 0xe1, 0xa7, - 0xa0, 0xc4, 0x5b, 0xba, 0x68, 0xfc, 0xdd, 0xbf, 0xda, 0xf3, 0xe4, 0x23, 0xfc, 0x0e, 0x83, 0xf9, - 0x7f, 0x74, 0xf1, 0x89, 0x74, 0xb4, 0x81, 0xc2, 0xe7, 0xd9, 0x19, 0x21, 0x5a, 0x3e, 0xf4, 0x1a, - 0x72, 0x09, 0xa1, 0xc7, 0xbc, 0x01, 0x1d, 0x6a, 0x69, 0xd1, 0xd9, 0x03, 0x3d, 0x7e, 0x0a, 0xf5, - 0xd9, 0x53, 0xa8, 0x77, 0xc4, 0x53, 0x88, 0xd7, 0x63, 0xf6, 0x81, 0x20, 0x97, 0x9e, 0x01, 0x5c, - 0x27, 0x8e, 0x8c, 0x58, 0x6f, 0x7e, 0x30, 0x1a, 0xf5, 0xc3, 0x25, 0xaf, 0x29, 0x90, 0x69, 0x9a, - 0xd6, 0x49, 0x0b, 0xbf, 0x55, 0x53, 0xfb, 0xfa, 0xf7, 0xab, 0x6d, 0xe9, 0xc7, 0xd5, 0xb6, 0xf4, - 0xeb, 0x6a, 0x5b, 0xfa, 0x58, 0x8c, 0x7b, 0xa4, 0xac, 0xe2, 0xf8, 0xb4, 0x72, 0xcb, 0x03, 0xde, - 0x5d, 0x13, 0x05, 0xec, 0xfc, 0x0e, 0x00, 0x00, 0xff, 0xff, 0x26, 0x48, 0xc9, 0xfc, 0xde, 0x05, - 0x00, 0x00, + // 750 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x54, 0xdd, 0x6e, 0xe2, 0x46, + 0x14, 0x8e, 0x71, 0x08, 0xe5, 0x38, 0x90, 0xc9, 0x24, 0x52, 0x5d, 0x54, 0xa5, 0x94, 0x8b, 0x0a, + 0xa9, 0xaa, 0x69, 0x49, 0x2b, 0x45, 0x69, 0x6f, 0x9c, 0xc4, 0xa4, 0xa8, 0x14, 0xe8, 0xe0, 0x34, + 0x4d, 0x2b, 0xd5, 0x32, 0x30, 0x10, 0x2b, 0xc6, 0x63, 0xd9, 0x03, 0x84, 0x77, 0xd9, 0x97, 0xd8, + 0xcb, 0x7d, 0x83, 0xbd, 0xdc, 0x7d, 0x83, 0x55, 0x9e, 0x64, 0xe5, 0xb1, 0x4d, 0x20, 0xca, 0xae, + 0xb2, 0xd9, 0x2b, 0x7b, 0x3e, 0x7d, 0xe7, 0x3b, 0x3f, 0xf3, 0xcd, 0x81, 0xef, 0x3c, 0xca, 0xe7, + 0x2c, 0xb8, 0x71, 0xbc, 0x71, 0x6d, 0xf6, 0x93, 0xed, 0xfa, 0xd7, 0xf6, 0x61, 0x8d, 0x7a, 0x33, + 0xb6, 0xb0, 0x46, 0x8e, 0xcb, 0x69, 0xa0, 0xf9, 0x01, 0xe3, 0x0c, 0x7f, 0xe5, 0x84, 0xdc, 0x61, + 0xda, 0x3d, 0x5b, 0x4b, 0xd9, 0xa5, 0xaf, 0xc7, 0x8c, 0x8d, 0x5d, 0x5a, 0x13, 0xc4, 0xfe, 0x74, + 0x54, 0x0b, 0x79, 0x30, 0x1d, 0xf0, 0x38, 0xb0, 0xf4, 0xed, 0x63, 0x09, 0xc6, 0x36, 0xa7, 0x73, + 0x7b, 0x11, 0x53, 0x2a, 0x2f, 0x14, 0x50, 0x8c, 0x28, 0x65, 0x43, 0x64, 0xc4, 0x03, 0xd8, 0x89, + 0x22, 0x5c, 0x66, 0x0f, 0x2d, 0xd7, 0xee, 0x53, 0x37, 0x54, 0xa5, 0xb2, 0x5c, 0x55, 0xea, 0xc7, + 0xda, 0x07, 0xab, 0xd0, 0x56, 0x04, 0xb4, 0xcb, 0x24, 0xba, 0x25, 0x82, 0x0d, 0x8f, 0x07, 0x0b, + 0x52, 0x9c, 0xaf, 0x81, 0xf8, 0x1c, 0x72, 0x71, 0x83, 0xa1, 0x9a, 0x11, 0xe2, 0x3f, 0x3c, 0x51, + 0x3c, 0xfe, 0x90, 0x34, 0x1a, 0xff, 0x03, 0xbb, 0xcb, 0x6a, 0x43, 0xea, 0xd2, 0x01, 0x67, 0x81, + 0x2a, 0x97, 0xa5, 0xaa, 0x52, 0xff, 0xfe, 0x23, 0x92, 0x69, 0x8d, 0xbd, 0x24, 0x84, 0xa0, 0xf9, + 0x03, 0xa4, 0xa4, 0xc3, 0xde, 0x23, 0x9d, 0x60, 0x04, 0xf2, 0x0d, 0x5d, 0xa8, 0x52, 0x59, 0xaa, + 0xe6, 0x49, 0xf4, 0x8b, 0xf7, 0x21, 0x3b, 0xb3, 0xdd, 0x29, 0x55, 0x33, 0x02, 0x8b, 0x0f, 0xc7, + 0x99, 0x23, 0xa9, 0xf4, 0x56, 0x86, 0x42, 0xcb, 0x09, 0x39, 0xf5, 0x68, 0xf0, 0xa7, 0xcd, 0x07, + 0xd7, 0xf8, 0x1b, 0x50, 0x7c, 0x16, 0x70, 0xcb, 0x9b, 0x4e, 0xfa, 0x34, 0x10, 0x2a, 0x05, 0x02, + 0x11, 0xd4, 0x16, 0x08, 0xae, 0x02, 0x8a, 0x09, 0xf6, 0x84, 0x5a, 0x7e, 0x40, 0x47, 0xce, 0x6d, + 0xa2, 0x5b, 0x14, 0x2c, 0x7b, 0x42, 0xbb, 0x02, 0xc5, 0x23, 0x28, 0xb8, 0x89, 0xb6, 0xc5, 0x17, + 0x3e, 0x15, 0x5d, 0x17, 0xeb, 0xfa, 0x13, 0x07, 0xb9, 0x56, 0xd7, 0xf2, 0x64, 0x2e, 0x7c, 0x4a, + 0xb6, 0xdd, 0x95, 0x13, 0x0e, 0x60, 0x77, 0x99, 0x47, 0x38, 0x66, 0xc0, 0x5c, 0x75, 0x53, 0xe4, + 0x32, 0x3e, 0x2b, 0x57, 0x37, 0x11, 0x23, 0xc8, 0x7d, 0x80, 0x60, 0x15, 0x72, 0xf6, 0x70, 0x18, + 0xd0, 0x30, 0x54, 0xb3, 0x65, 0xb9, 0x9a, 0x27, 0xe9, 0xb1, 0xd2, 0x81, 0xed, 0xd5, 0x5a, 0x71, + 0x0e, 0x64, 0xbd, 0x7d, 0x85, 0x36, 0xf0, 0x1e, 0xec, 0xf4, 0x9a, 0x67, 0xc6, 0xa9, 0x4e, 0xac, + 0x66, 0xfb, 0xa4, 0x73, 0xd1, 0x3e, 0x43, 0x12, 0xde, 0x07, 0x94, 0x82, 0x9d, 0x0b, 0x33, 0x46, + 0x33, 0x58, 0x81, 0xdc, 0xb9, 0x6e, 0x1a, 0x97, 0xfa, 0x15, 0x92, 0x2b, 0x1a, 0xa0, 0x87, 0x05, + 0x09, 0xd1, 0x56, 0x0b, 0x6d, 0xe0, 0x2f, 0x60, 0xf3, 0x77, 0xd3, 0xec, 0x22, 0x29, 0x82, 0xcc, + 0xd3, 0x2e, 0xca, 0x94, 0x5e, 0x49, 0x50, 0x6c, 0x7a, 0x21, 0x0d, 0x78, 0x97, 0x85, 0x0e, 0x77, + 0x98, 0x87, 0xff, 0x82, 0xac, 0xe3, 0x0d, 0xe9, 0xad, 0xb8, 0xce, 0x62, 0xfd, 0xd7, 0x27, 0x4e, + 0x65, 0x5d, 0x45, 0x6b, 0x46, 0x12, 0x24, 0x56, 0x8a, 0x7c, 0x12, 0x50, 0xd7, 0xe6, 0xce, 0x8c, + 0x5a, 0x9c, 0x25, 0x0e, 0x80, 0x14, 0x32, 0x59, 0xe5, 0x10, 0xb2, 0x22, 0x00, 0xe7, 0x21, 0xdb, + 0x68, 0x92, 0x9e, 0x19, 0x57, 0xdb, 0xd2, 0x7b, 0x26, 0x92, 0x30, 0xc0, 0xd6, 0x89, 0xd1, 0xe8, + 0x10, 0x03, 0x65, 0x22, 0x82, 0xde, 0x30, 0x0d, 0x82, 0xe4, 0xd2, 0x4b, 0x19, 0xb6, 0x92, 0x57, + 0xfe, 0x1f, 0x14, 0x97, 0xb7, 0x3a, 0x89, 0xae, 0x45, 0x14, 0xaf, 0xd4, 0x7f, 0x7e, 0xce, 0x95, + 0x92, 0xa5, 0x13, 0x63, 0x97, 0xff, 0x0f, 0x3b, 0x8e, 0x68, 0xce, 0xf2, 0x93, 0xee, 0x44, 0x07, + 0x4a, 0xfd, 0x97, 0x67, 0x8d, 0x86, 0x14, 0x9d, 0xf5, 0x81, 0x5f, 0x81, 0x12, 0xbf, 0xff, 0x55, + 0xe3, 0x1f, 0x7d, 0xd2, 0x06, 0x49, 0x3e, 0xc2, 0xef, 0x30, 0x5a, 0xfe, 0x47, 0x83, 0x4f, 0xa4, + 0xa3, 0x17, 0x28, 0x7c, 0x9e, 0x4f, 0x09, 0xd1, 0xe3, 0xc3, 0xbf, 0x41, 0x21, 0x21, 0x0c, 0x98, + 0x37, 0x72, 0xc6, 0x6a, 0x56, 0x74, 0xf6, 0xa5, 0x16, 0xef, 0x61, 0x2d, 0xdd, 0xc3, 0x5a, 0x4f, + 0xec, 0x61, 0xb2, 0x1d, 0xb3, 0x4f, 0x05, 0xb9, 0xf2, 0x23, 0xc0, 0x7d, 0xe2, 0xc8, 0x88, 0xcd, + 0xf6, 0xdf, 0x7a, 0xab, 0x79, 0xb6, 0xe6, 0x35, 0x05, 0x72, 0x6d, 0xc3, 0xbc, 0xec, 0x90, 0x3f, + 0x50, 0xe6, 0x44, 0x7b, 0x7d, 0x77, 0x20, 0xbd, 0xb9, 0x3b, 0x90, 0xde, 0xdd, 0x1d, 0x48, 0xff, + 0x96, 0xe3, 0x1e, 0x1d, 0x56, 0xb3, 0x7d, 0xa7, 0xf6, 0xc8, 0x72, 0xef, 0x6f, 0x89, 0x02, 0x0e, + 0xdf, 0x07, 0x00, 0x00, 0xff, 0xff, 0xb4, 0x8a, 0xc6, 0x29, 0x5b, 0x06, 0x00, 0x00, } diff --git a/networking/v1alpha3/envoy_filter.proto b/networking/v1alpha3/envoy_filter.proto index c944675e55..a04fc1522b 100644 --- a/networking/v1alpha3/envoy_filter.proto +++ b/networking/v1alpha3/envoy_filter.proto @@ -15,6 +15,7 @@ syntax = "proto3"; import "google/protobuf/struct.proto"; +import "networking/v1alpha3/gateway.proto"; package istio.networking.v1alpha3; @@ -69,6 +70,12 @@ message EnvoyFilter { // specified for the same workload. map workload_labels = 1; + // $hide_from_docs + // Criteria used to select the specific set of pods/VMs + // on which this EnvoyFilter configuration should be applied. Precisely + // one of workloadLabels or workloadSelector must be specified. + WorkloadSelector workload_selector = 3; + // Select a listener to add the filter to based on the match conditions. // All conditions specified in the ListenerMatch must be met for the filter // to be applied to a listener. diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index ffeb080e94..1d552b5e31 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -2169,45 +2169,6 @@

IstioListener

An optional arbitrary name associated with the listener used for emitting metrics.

- - - - - - - - - - - - - - - - @@ -2227,8 +2188,7 @@

IstioListener

Set the namespace to * to import a particular service from any available namespace (e.g., “*/foo.example.com”). Set the dnsName field to * to import all services from the specified namespace (e.g., -“prod/”). Wildcard DNS names can be used to import a specific set of -services from the specified namespace (e.g., “prod/.example.com”).

+“prod/*”). The services should be specified using FQDN format.

NOTE: Only exported services and configuration artifacts from a namespace can be imported. Private services/configuration will not be @@ -3747,36 +3707,6 @@

Sidecar

- "istio-system/*" -

The example below delcares a Sidecar resource in the prod-us1 namespace -that accepts inbound HTTP traffic on port 9080 and forwards -it to the attached workload listening on a unix domain socket. In the -egress direction, in addition to the istio-system namespace, the sidecar -proxies only HTTP traffic bound for port 9080 for services in the -prod-us1 namespace.

- -
apiVersion: networking.istio.io/v1alpha3
-kind: Sidecar
-metadata:
-  name: default
-  namespace: prod-us1
-spec:
-  ingress:
-  - port:
-      number: 9080
-      protocol: HTTP
-      name: somename
-    defaultEndpoint: unix:///var/run/someuds.sock
-  egress:
-  - hosts:
-    - "istio-system/*"
-  - port:
-      number: 9080
-      protocol: HTTP
-      name: egresshttp
-    hosts:
-    - "prod-us1/*"
-
-
FieldTypeDescription
modeMeshConfig.OutboundTrafficPolicy.Mode
VIRTUAL_SERVICE_ONLY -

not implemented. outbound traffic will be restricted to destinations defined in VirtualServices only

+

outbound traffic will be restricted to destinations defined in VirtualServices only
name string -

An arbitrary name associated with the listener used for emitting metrics.

+

An optional arbitrary name associated with the listener used for +emitting metrics.
bindAddressstring
portPort -

The ip:port or the unix domain socket to which the listener should be -bound to. Format: tcp://x.x.x.x:yyyy or unix:///path/to/uds or -unix://@foobar (Linux abstract namespace). To bind to any IP with -specific port, use tcp://0.0.0.0:

+

REQUIRED for ingress. The port associated with the listener. If using +unix domain socket, use 0 as the port number, with a valid +protocol. In the egress path, the port if specified, will be used as +the default destination port associated with the imported hosts. If +the port is omitted, Istio will infer the listener ports based on the +imported hosts. Note that when multiple egress listeners are +specified, where one or more listeners have specific ports while +others have no port, the hosts exposed on a listener port will be +based on the listener with the most specific port.
bindToPortbool
bindAddressstring -

When the bind address is an IP:port, the bindToPort option dictates -whether or not the sidecar should bind its listener socket to the -specified port. Set bindToPort to false (default) if application -traffic entering/leaving a pod/VM is captured automatically through -iptables redirection and forwarded to the sidecar on a specific port -(see proxyListenPort in the global MeshConfig). When not using -iptables for traffic capture, set bindToPort to true to force the -sidecar to bind to the specified port. Note that the binding might -fail if the application workload is already bound to the same port.

+

The ip or the unix domain socket to which the listener should be bound +to. Port MUST be specified if bindAddress is not empty. Format: +x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux abstract +namespace). If omitted, Istio will autoconfigure the defaults based on +imported services and the workload to which this configuration is +applied to.
protocol string -

The protocol associated with this listener. -MUST BE one of HTTP|TCP|TLS|MONGO. -TLS implies the connection will be routed based on the SNI header. -HTTP implies HTTP 1.1/HTTP 2/gRPC

+

Specifies the protocol associated with this listener. Recognized +values are HTTP|TCP|MONGO|MYSQL. Any other value will be treated as +equivalent to TCP.
hosts string[] -

One or more hosts (HTTP or SNI) exposed by the listener in +

One or more services/virtualServices exposed by the listener in namespace/dnsName format. Hosts will be ignored for ingress servers. For egress servers, the hosts field results in importing one or more publicly scoped services and VirtualServices from remote @@ -2244,7 +2246,7 @@

IstioListener

configuration can be used to redirect traffic arriving at the bind point on the sidecar to a port or unix domain socket where the application workload is listening for connections. Format should be -tcp://127.0.0.1:PORT or unix:///path/to/socket

+127.0.0.1:PORT or unix:///path/to/socket
workloadSelectorWorkloadSelector -

Criteria used to select the specific set of pods/VMs on which this -sidecar configuration should be applied. If omitted, the sidecar -configuration will be applied to all workloads in the current config -namespace.

- -
ingress IstioListener[]
ipstring -

The IP address of the workload (as seen by Pilot) on which this -gateway/sidecar configuration should be applied.

-
portPort -

REQUIRED for ingress. The port associated with the listener. If using -unix domain socket, use 0 as the port number, with a valid -protocol. In the egress path, the port if specified, will be used as -the default destination port associated with the imported hosts. If -the port is omitted, Istio will infer the listener ports based on the -imported hosts. Note that when multiple egress listeners are -specified, where one or more listeners have specific ports while -others have no port, the hosts exposed on a listener port will be -based on the listener with the most specific port.

- -
bindAddressstring -

The ip or the unix domain socket to which the listener should be bound -to. Port MUST be specified if bindAddress is not empty. Format: -x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux abstract -namespace). If omitted, Istio will autoconfigure the defaults based on -imported services and the workload to which this configuration is -applied to.

- -
protocolstring -

Specifies the protocol associated with this listener. Recognized -values are HTTP|TCP|MONGO|MYSQL. Any other value will be treated as -equivalent to TCP.

-
@@ -3786,18 +3716,6 @@

Sidecar

- - - - - diff --git a/networking/v1alpha3/sidecar.pb.go b/networking/v1alpha3/sidecar.pb.go index c220974e88..effb1395fc 100644 --- a/networking/v1alpha3/sidecar.pb.go +++ b/networking/v1alpha3/sidecar.pb.go @@ -81,37 +81,6 @@ func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidec // - "istio-system/*" // ``` // -// The example below delcares a Sidecar resource in the prod-us1 namespace -// that accepts inbound HTTP traffic on port 9080 and forwards -// it to the attached workload listening on a unix domain socket. In the -// egress direction, in addition to the istio-system namespace, the sidecar -// proxies only HTTP traffic bound for port 9080 for services in the -// prod-us1 namespace. -// -// ```yaml -// apiVersion: networking.istio.io/v1alpha3 -// kind: Sidecar -// metadata: -// name: default -// namespace: prod-us1 -// spec: -// ingress: -// - port: -// number: 9080 -// protocol: HTTP -// name: somename -// defaultEndpoint: unix:///var/run/someuds.sock -// egress: -// - hosts: -// - "istio-system/*" -// - port: -// number: 9080 -// protocol: HTTP -// name: egresshttp -// hosts: -// - "prod-us1/*" -// ``` -// type Sidecar struct { // $hide_from_docs // Criteria used to select the specific set of pods/VMs on which this @@ -119,6 +88,7 @@ type Sidecar struct { // configuration will be applied to all workloads in the current config // namespace. WorkloadSelector *WorkloadSelector `protobuf:"bytes,1,opt,name=workload_selector,json=workloadSelector" json:"workload_selector,omitempty"` + // $hide_from_docs // Ingress specifies the configuration of the sidecar for processing // inbound traffic to the attached workload. If omitted, Istio will // autoconfigure the sidecar based on the information about the workload @@ -164,6 +134,7 @@ type IstioListener struct { // An optional arbitrary name associated with the listener used for // emitting metrics. Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // $hide_from_docs // REQUIRED for ingress. The port associated with the listener. If using // unix domain socket, use 0 as the port number, with a valid // protocol. In the egress path, the port if specified, will be used as @@ -174,6 +145,7 @@ type IstioListener struct { // others have no port, the hosts exposed on a listener port will be // based on the listener with the most specific port. Port *Port `protobuf:"bytes,2,opt,name=port" json:"port,omitempty"` + // $hide_from_docs // The ip or the unix domain socket to which the listener should be bound // to. Port MUST be specified if bindAddress is not empty. Format: // x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux abstract @@ -192,10 +164,6 @@ type IstioListener struct { // sidecar to bind to the specified port. Note that the binding might // fail if the application workload is already bound to the same port. BindToPort bool `protobuf:"varint,4,opt,name=bind_to_port,json=bindToPort,proto3" json:"bind_to_port,omitempty"` - // Specifies the protocol associated with this listener. Recognized - // values are HTTP|TCP|MONGO|MYSQL. Any other value will be treated as - // equivalent to TCP. - Protocol string `protobuf:"bytes,5,opt,name=protocol,proto3" json:"protocol,omitempty"` // One or more services/virtualServices exposed by the listener in // namespace/dnsName format. _*Hosts will be ignored for ingress // servers*_. For egress servers, the hosts field results in importing @@ -209,21 +177,20 @@ type IstioListener struct { // Set the namespace to * to import a particular service from any // available namespace (e.g., "*/foo.example.com"). Set the dnsName field // to * to import all services from the specified namespace (e.g., - // "prod/*"). Wildcard DNS names can be used to import a specific set of - // services from the specified namespace (e.g., "prod/*.example.com"). + // "prod/*"). The services should be specified using FQDN format. // // NOTE: Only exported services and configuration artifacts from a // namespace can be imported. Private services/configuration will not be // imported. Refer to the scope setting associated with VirtualService, // DestinationRule, ServiceEntry, etc. for details. - Hosts []string `protobuf:"bytes,6,rep,name=hosts" json:"hosts,omitempty"` + Hosts []string `protobuf:"bytes,5,rep,name=hosts" json:"hosts,omitempty"` // The IP endpoint or unix domain socket to which traffic should be // forwarded to by default. In the context of an ingress server, this // configuration can be used to redirect traffic arriving at the bind // point on the sidecar to a port or unix domain socket where the // application workload is listening for connections. Format should be // 127.0.0.1:PORT or unix:///path/to/socket - DefaultEndpoint string `protobuf:"bytes,7,opt,name=default_endpoint,json=defaultEndpoint,proto3" json:"default_endpoint,omitempty"` + DefaultEndpoint string `protobuf:"bytes,6,opt,name=default_endpoint,json=defaultEndpoint,proto3" json:"default_endpoint,omitempty"` } func (m *IstioListener) Reset() { *m = IstioListener{} } @@ -259,13 +226,6 @@ func (m *IstioListener) GetBindToPort() bool { return false } -func (m *IstioListener) GetProtocol() string { - if m != nil { - return m.Protocol - } - return "" -} - func (m *IstioListener) GetHosts() []string { if m != nil { return m.Hosts @@ -384,15 +344,9 @@ func (m *IstioListener) MarshalTo(dAtA []byte) (int, error) { } i++ } - if len(m.Protocol) > 0 { - dAtA[i] = 0x2a - i++ - i = encodeVarintSidecar(dAtA, i, uint64(len(m.Protocol))) - i += copy(dAtA[i:], m.Protocol) - } if len(m.Hosts) > 0 { for _, s := range m.Hosts { - dAtA[i] = 0x32 + dAtA[i] = 0x2a i++ l = len(s) for l >= 1<<7 { @@ -406,7 +360,7 @@ func (m *IstioListener) MarshalTo(dAtA []byte) (int, error) { } } if len(m.DefaultEndpoint) > 0 { - dAtA[i] = 0x3a + dAtA[i] = 0x32 i++ i = encodeVarintSidecar(dAtA, i, uint64(len(m.DefaultEndpoint))) i += copy(dAtA[i:], m.DefaultEndpoint) @@ -463,10 +417,6 @@ func (m *IstioListener) Size() (n int) { if m.BindToPort { n += 2 } - l = len(m.Protocol) - if l > 0 { - n += 1 + l + sovSidecar(uint64(l)) - } if len(m.Hosts) > 0 { for _, s := range m.Hosts { l = len(s) @@ -779,35 +729,6 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { } m.BindToPort = bool(v != 0) case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Protocol", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowSidecar - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthSidecar - } - postIndex := iNdEx + intStringLen - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Protocol = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 6: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field Hosts", wireType) } @@ -836,7 +757,7 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { } m.Hosts = append(m.Hosts, string(dAtA[iNdEx:postIndex])) iNdEx = postIndex - case 7: + case 6: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field DefaultEndpoint", wireType) } @@ -994,30 +915,29 @@ var ( func init() { proto.RegisterFile("networking/v1alpha3/sidecar.proto", fileDescriptorSidecar) } var fileDescriptorSidecar = []byte{ - // 392 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x92, 0xcf, 0x8e, 0xd3, 0x30, - 0x10, 0xc6, 0xf1, 0xb6, 0x9b, 0xec, 0x4e, 0x40, 0x04, 0x8b, 0x43, 0xd8, 0x43, 0xc9, 0xee, 0x01, - 0x05, 0x90, 0x12, 0xb1, 0x7d, 0x01, 0xda, 0xaa, 0x87, 0x4a, 0x3d, 0x54, 0x69, 0xf9, 0x23, 0x2e, - 0x91, 0x9b, 0xb8, 0xa9, 0x45, 0xf0, 0x44, 0xb6, 0xa1, 0xe2, 0x0d, 0x39, 0xf2, 0x08, 0xa8, 0x37, - 0x5e, 0x81, 0x13, 0x8a, 0x93, 0x82, 0x40, 0xa5, 0x12, 0xb7, 0xcc, 0x37, 0xdf, 0xf7, 0x9b, 0x19, - 0xc5, 0x70, 0x2d, 0xb9, 0xd9, 0xa1, 0x7a, 0x2f, 0x64, 0x99, 0x7c, 0x7a, 0xc1, 0xaa, 0x7a, 0xcb, - 0x86, 0x89, 0x16, 0x05, 0xcf, 0x99, 0x8a, 0x6b, 0x85, 0x06, 0xe9, 0x23, 0xa1, 0x8d, 0xc0, 0xf8, - 0xb7, 0x31, 0x3e, 0x18, 0xaf, 0x8e, 0xa6, 0x4b, 0x66, 0xf8, 0x8e, 0x7d, 0x6e, 0xd3, 0x37, 0xdf, - 0x09, 0xb8, 0xcb, 0x96, 0x47, 0xdf, 0xc2, 0x83, 0xc6, 0x5d, 0x21, 0x2b, 0x32, 0xcd, 0x2b, 0x9e, - 0x1b, 0x54, 0x01, 0x09, 0x49, 0xe4, 0xdd, 0x3e, 0x8f, 0xff, 0x39, 0x25, 0x7e, 0xd3, 0x65, 0x96, - 0x5d, 0x24, 0xf5, 0x77, 0x7f, 0x29, 0x74, 0x0c, 0xae, 0x90, 0xa5, 0xe2, 0x5a, 0x07, 0x67, 0x61, - 0x2f, 0xf2, 0x6e, 0xa3, 0x13, 0xbc, 0x59, 0xd3, 0x99, 0x0b, 0x6d, 0xb8, 0xe4, 0x2a, 0x3d, 0x04, - 0xe9, 0x4b, 0x70, 0x78, 0x8b, 0xe8, 0xfd, 0x27, 0xa2, 0xcb, 0xdd, 0xfc, 0x20, 0x70, 0xef, 0x8f, - 0x0e, 0xa5, 0xd0, 0x97, 0xec, 0x03, 0xb7, 0x47, 0x5e, 0xa6, 0xf6, 0x9b, 0x0e, 0xa1, 0x5f, 0xa3, - 0x32, 0xc1, 0x99, 0x3d, 0xfc, 0xf1, 0x89, 0x29, 0x0b, 0x54, 0x26, 0xb5, 0x66, 0x7a, 0x0d, 0x77, - 0xd7, 0x42, 0x16, 0x19, 0x2b, 0x8a, 0x6e, 0xc5, 0x06, 0xe8, 0x35, 0xda, 0xa8, 0x95, 0x68, 0xd8, - 0x59, 0x0c, 0x66, 0x96, 0xdf, 0x0f, 0x49, 0x74, 0x91, 0x42, 0xa3, 0xad, 0xb0, 0x41, 0xd1, 0x2b, - 0xb8, 0xb0, 0x3f, 0x25, 0xc7, 0x2a, 0x38, 0xb7, 0x80, 0x5f, 0x35, 0x7d, 0x08, 0xe7, 0x5b, 0xd4, - 0x46, 0x07, 0x4e, 0xd8, 0x8b, 0x2e, 0xd3, 0xb6, 0xa0, 0x4f, 0xc1, 0x2f, 0xf8, 0x86, 0x7d, 0xac, - 0x4c, 0xc6, 0x65, 0x51, 0xa3, 0x90, 0x26, 0x70, 0x6d, 0xf2, 0x7e, 0xa7, 0x4f, 0x3b, 0xf9, 0xd9, - 0x13, 0xf0, 0x26, 0x28, 0x37, 0xa2, 0x5c, 0xe6, 0x58, 0x73, 0x0a, 0xe0, 0x2c, 0x5e, 0x8d, 0xe7, - 0xb3, 0x89, 0x7f, 0x87, 0x7a, 0xe0, 0x2e, 0xd2, 0xd9, 0xeb, 0xd1, 0x6a, 0xea, 0x93, 0x71, 0xfc, - 0x65, 0x3f, 0x20, 0x5f, 0xf7, 0x03, 0xf2, 0x6d, 0x3f, 0x20, 0xef, 0xc2, 0xf6, 0x7a, 0x81, 0x09, - 0xab, 0x45, 0x72, 0xe4, 0x39, 0xad, 0x1d, 0xbb, 0xe2, 0xf0, 0x67, 0x00, 0x00, 0x00, 0xff, 0xff, - 0x49, 0xd2, 0x98, 0x14, 0xaa, 0x02, 0x00, 0x00, + // 379 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x92, 0xcd, 0x6e, 0xda, 0x40, + 0x14, 0x85, 0x3b, 0xfc, 0x98, 0x72, 0xdd, 0xaa, 0xee, 0xa8, 0x0b, 0xb7, 0x0b, 0x6a, 0x58, 0x54, + 0x6e, 0x2b, 0xd9, 0x0a, 0xbc, 0x40, 0x00, 0xb1, 0x40, 0x62, 0x81, 0x0c, 0xf9, 0x51, 0x36, 0xd6, + 0x80, 0x07, 0x33, 0x8a, 0x33, 0x63, 0xcd, 0x4c, 0x82, 0xf2, 0x86, 0x59, 0xe6, 0x09, 0xa2, 0x88, + 0x5d, 0xde, 0x22, 0xf2, 0x0f, 0x8a, 0x12, 0x11, 0xa4, 0xec, 0xec, 0x73, 0xcf, 0xf9, 0xee, 0x1c, + 0xe9, 0x42, 0x9b, 0x53, 0xbd, 0x11, 0xf2, 0x92, 0xf1, 0xd8, 0xbf, 0x39, 0x22, 0x49, 0xba, 0x26, + 0x3d, 0x5f, 0xb1, 0x88, 0x2e, 0x89, 0xf4, 0x52, 0x29, 0xb4, 0xc0, 0x3f, 0x99, 0xd2, 0x4c, 0x78, + 0x2f, 0x46, 0x6f, 0x67, 0xfc, 0xb5, 0x37, 0x1d, 0x13, 0x4d, 0x37, 0xe4, 0xb6, 0x48, 0x77, 0x9e, + 0x10, 0x34, 0x66, 0x05, 0x0f, 0x9f, 0xc3, 0xf7, 0xcc, 0x9d, 0x08, 0x12, 0x85, 0x8a, 0x26, 0x74, + 0xa9, 0x85, 0xb4, 0x91, 0x83, 0x5c, 0xb3, 0xfb, 0xdf, 0x7b, 0x77, 0x8b, 0x77, 0x56, 0x66, 0x66, + 0x65, 0x24, 0xb0, 0x36, 0x6f, 0x14, 0x3c, 0x80, 0x06, 0xe3, 0xb1, 0xa4, 0x4a, 0xd9, 0x15, 0xa7, + 0xea, 0x9a, 0x5d, 0xf7, 0x00, 0x6f, 0x9c, 0x4d, 0x26, 0x4c, 0x69, 0xca, 0xa9, 0x0c, 0x76, 0x41, + 0x7c, 0x0c, 0x06, 0x2d, 0x10, 0xd5, 0x0f, 0x22, 0xca, 0x5c, 0xe7, 0x01, 0xc1, 0xd7, 0x57, 0x13, + 0x8c, 0xa1, 0xc6, 0xc9, 0x15, 0xcd, 0x4b, 0x36, 0x83, 0xfc, 0x1b, 0xf7, 0xa0, 0x96, 0x0a, 0xa9, + 0xed, 0x4a, 0x5e, 0xfc, 0xf7, 0x81, 0x2d, 0x53, 0x21, 0x75, 0x90, 0x9b, 0x71, 0x1b, 0xbe, 0x2c, + 0x18, 0x8f, 0x42, 0x12, 0x45, 0xe5, 0x13, 0x33, 0xa0, 0x99, 0x69, 0xfd, 0x42, 0xc2, 0x4e, 0x69, + 0xd1, 0x22, 0xcc, 0xf9, 0x35, 0x07, 0xb9, 0x9f, 0x03, 0xc8, 0xb4, 0xb9, 0xc8, 0x50, 0xf8, 0x07, + 0xd4, 0xd7, 0x42, 0x69, 0x65, 0xd7, 0x9d, 0xaa, 0xdb, 0x0c, 0x8a, 0x1f, 0xfc, 0x17, 0xac, 0x88, + 0xae, 0xc8, 0x75, 0xa2, 0x43, 0xca, 0xa3, 0x54, 0x30, 0xae, 0x6d, 0x23, 0xc7, 0x7f, 0x2b, 0xf5, + 0x51, 0x29, 0xff, 0xfb, 0x03, 0xe6, 0x50, 0xf0, 0x15, 0x8b, 0x67, 0x4b, 0x91, 0x52, 0x0c, 0x60, + 0x4c, 0x4f, 0x06, 0x93, 0xf1, 0xd0, 0xfa, 0x84, 0x4d, 0x68, 0x4c, 0x83, 0xf1, 0x69, 0x7f, 0x3e, + 0xb2, 0xd0, 0xc0, 0xbb, 0xdb, 0xb6, 0xd0, 0xfd, 0xb6, 0x85, 0x1e, 0xb7, 0x2d, 0x74, 0xe1, 0x14, + 0x0d, 0x99, 0xf0, 0x49, 0xca, 0xfc, 0x3d, 0x27, 0xb3, 0x30, 0xf2, 0x5b, 0xe9, 0x3d, 0x07, 0x00, + 0x00, 0xff, 0xff, 0x29, 0x6f, 0x5f, 0x4e, 0x8e, 0x02, 0x00, 0x00, } diff --git a/networking/v1alpha3/sidecar.proto b/networking/v1alpha3/sidecar.proto index 0f1c882512..c17facf237 100644 --- a/networking/v1alpha3/sidecar.proto +++ b/networking/v1alpha3/sidecar.proto @@ -58,37 +58,6 @@ option go_package = "istio.io/api/networking/v1alpha3"; // - "istio-system/*" // ``` // -// The example below delcares a Sidecar resource in the prod-us1 namespace -// that accepts inbound HTTP traffic on port 9080 and forwards -// it to the attached workload listening on a unix domain socket. In the -// egress direction, in addition to the istio-system namespace, the sidecar -// proxies only HTTP traffic bound for port 9080 for services in the -// prod-us1 namespace. -// -// ```yaml -// apiVersion: networking.istio.io/v1alpha3 -// kind: Sidecar -// metadata: -// name: default -// namespace: prod-us1 -// spec: -// ingress: -// - port: -// number: 9080 -// protocol: HTTP -// name: somename -// defaultEndpoint: unix:///var/run/someuds.sock -// egress: -// - hosts: -// - "istio-system/*" -// - port: -// number: 9080 -// protocol: HTTP -// name: egresshttp -// hosts: -// - "prod-us1/*" -// ``` -// message Sidecar { // $hide_from_docs // Criteria used to select the specific set of pods/VMs on which this @@ -97,6 +66,7 @@ message Sidecar { // namespace. WorkloadSelector workload_selector = 1; + // $hide_from_docs // Ingress specifies the configuration of the sidecar for processing // inbound traffic to the attached workload. If omitted, Istio will // autoconfigure the sidecar based on the information about the workload @@ -118,6 +88,7 @@ message IstioListener { // emitting metrics. string name = 1; + // $hide_from_docs // REQUIRED for ingress. The port associated with the listener. If using // unix domain socket, use 0 as the port number, with a valid // protocol. In the egress path, the port if specified, will be used as @@ -129,6 +100,7 @@ message IstioListener { // based on the listener with the most specific port. Port port = 2; + // $hide_from_docs // The ip or the unix domain socket to which the listener should be bound // to. Port MUST be specified if bindAddress is not empty. Format: // x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux abstract @@ -149,11 +121,6 @@ message IstioListener { // fail if the application workload is already bound to the same port. bool bind_to_port = 4; - // Specifies the protocol associated with this listener. Recognized - // values are HTTP|TCP|MONGO|MYSQL. Any other value will be treated as - // equivalent to TCP. - string protocol = 5; - // One or more services/virtualServices exposed by the listener in // namespace/dnsName format. _*Hosts will be ignored for ingress // servers*_. For egress servers, the hosts field results in importing @@ -167,14 +134,13 @@ message IstioListener { // Set the namespace to * to import a particular service from any // available namespace (e.g., "*/foo.example.com"). Set the dnsName field // to * to import all services from the specified namespace (e.g., - // "prod/*"). Wildcard DNS names can be used to import a specific set of - // services from the specified namespace (e.g., "prod/*.example.com"). + // "prod/*"). The services should be specified using FQDN format. // // NOTE: Only exported services and configuration artifacts from a // namespace can be imported. Private services/configuration will not be // imported. Refer to the scope setting associated with VirtualService, // DestinationRule, ServiceEntry, etc. for details. - repeated string hosts = 6; + repeated string hosts = 5; // The IP endpoint or unix domain socket to which traffic should be // forwarded to by default. In the context of an ingress server, this @@ -182,7 +148,7 @@ message IstioListener { // point on the sidecar to a port or unix domain socket where the // application workload is listening for connections. Format should be // 127.0.0.1:PORT or unix:///path/to/socket - string default_endpoint = 7; + string default_endpoint = 6; } // ConfigScope defines the visibility of an Istio configuration artifact in @@ -198,3 +164,36 @@ enum ConfigScope { // namespace as the configuration resource. PRIVATE = 1; } + +// $hide_from_docs +// The example below delcares a Sidecar resource in the prod-us1 namespace +// that accepts inbound HTTP traffic on port 9080 and forwards +// it to the attached workload listening on a unix domain socket. In the +// egress direction, in addition to the istio-system namespace, the sidecar +// proxies only HTTP traffic bound for port 9080 for services in the +// prod-us1 namespace. +// +// ```yaml +// apiVersion: networking.istio.io/v1alpha3 +// kind: Sidecar +// metadata: +// name: default +// namespace: prod-us1 +// spec: +// ingress: +// - port: +// number: 9080 +// protocol: HTTP +// name: somename +// defaultEndpoint: unix:///var/run/someuds.sock +// egress: +// - hosts: +// - "istio-system/*" +// - port: +// number: 9080 +// protocol: HTTP +// name: egresshttp +// hosts: +// - "prod-us1/*" +// ``` +// diff --git a/proto.lock b/proto.lock index 3ed912ea4b..e284fa4eba 100644 --- a/proto.lock +++ b/proto.lock @@ -2878,6 +2878,11 @@ { "name": "EnvoyFilter", "fields": [ + { + "id": 3, + "name": "workload_selector", + "type": "WorkloadSelector" + }, { "id": 2, "name": "filters", @@ -3375,17 +3380,12 @@ }, { "id": 5, - "name": "protocol", - "type": "string" - }, - { - "id": 6, "name": "hosts", "type": "string", "is_repeated": true }, { - "id": 7, + "id": 6, "name": "default_endpoint", "type": "string" } diff --git a/python/istio_api/networking/v1alpha3/envoy_filter_pb2.py b/python/istio_api/networking/v1alpha3/envoy_filter_pb2.py index 98199a458f..b65b823f3a 100644 --- a/python/istio_api/networking/v1alpha3/envoy_filter_pb2.py +++ b/python/istio_api/networking/v1alpha3/envoy_filter_pb2.py @@ -14,15 +14,16 @@ from google.protobuf import struct_pb2 as google_dot_protobuf_dot_struct__pb2 +from networking.v1alpha3 import gateway_pb2 as networking_dot_v1alpha3_dot_gateway__pb2 DESCRIPTOR = _descriptor.FileDescriptor( name='networking/v1alpha3/envoy_filter.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n&networking/v1alpha3/envoy_filter.proto\x12\x19istio.networking.v1alpha3\x1a\x1cgoogle/protobuf/struct.proto\"\x80\t\n\x0b\x45nvoyFilter\x12S\n\x0fworkload_labels\x18\x01 \x03(\x0b\x32:.istio.networking.v1alpha3.EnvoyFilter.WorkloadLabelsEntry\x12>\n\x07\x66ilters\x18\x02 \x03(\x0b\x32-.istio.networking.v1alpha3.EnvoyFilter.Filter\x1a\x35\n\x13WorkloadLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x1a\x8c\x03\n\rListenerMatch\x12\x13\n\x0bport_number\x18\x01 \x01(\r\x12\x18\n\x10port_name_prefix\x18\x02 \x01(\t\x12X\n\rlistener_type\x18\x03 \x01(\x0e\x32\x41.istio.networking.v1alpha3.EnvoyFilter.ListenerMatch.ListenerType\x12`\n\x11listener_protocol\x18\x04 \x01(\x0e\x32\x45.istio.networking.v1alpha3.EnvoyFilter.ListenerMatch.ListenerProtocol\x12\x0f\n\x07\x61\x64\x64ress\x18\x05 \x03(\t\"O\n\x0cListenerType\x12\x07\n\x03\x41NY\x10\x00\x12\x13\n\x0fSIDECAR_INBOUND\x10\x01\x12\x14\n\x10SIDECAR_OUTBOUND\x10\x02\x12\x0b\n\x07GATEWAY\x10\x03\".\n\x10ListenerProtocol\x12\x07\n\x03\x41LL\x10\x00\x12\x08\n\x04HTTP\x10\x01\x12\x07\n\x03TCP\x10\x02\x1a\xa6\x01\n\x0eInsertPosition\x12J\n\x05index\x18\x01 \x01(\x0e\x32;.istio.networking.v1alpha3.EnvoyFilter.InsertPosition.Index\x12\x13\n\x0brelative_to\x18\x02 \x01(\t\"3\n\x05Index\x12\t\n\x05\x46IRST\x10\x00\x12\x08\n\x04LAST\x10\x01\x12\n\n\x06\x42\x45\x46ORE\x10\x02\x12\t\n\x05\x41\x46TER\x10\x03\x1a\xec\x02\n\x06\x46ilter\x12L\n\x0elistener_match\x18\x01 \x01(\x0b\x32\x34.istio.networking.v1alpha3.EnvoyFilter.ListenerMatch\x12N\n\x0finsert_position\x18\x02 \x01(\x0b\x32\x35.istio.networking.v1alpha3.EnvoyFilter.InsertPosition\x12M\n\x0b\x66ilter_type\x18\x03 \x01(\x0e\x32\x38.istio.networking.v1alpha3.EnvoyFilter.Filter.FilterType\x12\x13\n\x0b\x66ilter_name\x18\x04 \x01(\t\x12.\n\rfilter_config\x18\x05 \x01(\x0b\x32\x17.google.protobuf.Struct\"0\n\nFilterType\x12\x0b\n\x07INVALID\x10\x00\x12\x08\n\x04HTTP\x10\x01\x12\x0b\n\x07NETWORK\x10\x02\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n&networking/v1alpha3/envoy_filter.proto\x12\x19istio.networking.v1alpha3\x1a\x1cgoogle/protobuf/struct.proto\x1a!networking/v1alpha3/gateway.proto\"\xc8\t\n\x0b\x45nvoyFilter\x12S\n\x0fworkload_labels\x18\x01 \x03(\x0b\x32:.istio.networking.v1alpha3.EnvoyFilter.WorkloadLabelsEntry\x12\x46\n\x11workload_selector\x18\x03 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x12>\n\x07\x66ilters\x18\x02 \x03(\x0b\x32-.istio.networking.v1alpha3.EnvoyFilter.Filter\x1a\x35\n\x13WorkloadLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x1a\x8c\x03\n\rListenerMatch\x12\x13\n\x0bport_number\x18\x01 \x01(\r\x12\x18\n\x10port_name_prefix\x18\x02 \x01(\t\x12X\n\rlistener_type\x18\x03 \x01(\x0e\x32\x41.istio.networking.v1alpha3.EnvoyFilter.ListenerMatch.ListenerType\x12`\n\x11listener_protocol\x18\x04 \x01(\x0e\x32\x45.istio.networking.v1alpha3.EnvoyFilter.ListenerMatch.ListenerProtocol\x12\x0f\n\x07\x61\x64\x64ress\x18\x05 \x03(\t\"O\n\x0cListenerType\x12\x07\n\x03\x41NY\x10\x00\x12\x13\n\x0fSIDECAR_INBOUND\x10\x01\x12\x14\n\x10SIDECAR_OUTBOUND\x10\x02\x12\x0b\n\x07GATEWAY\x10\x03\".\n\x10ListenerProtocol\x12\x07\n\x03\x41LL\x10\x00\x12\x08\n\x04HTTP\x10\x01\x12\x07\n\x03TCP\x10\x02\x1a\xa6\x01\n\x0eInsertPosition\x12J\n\x05index\x18\x01 \x01(\x0e\x32;.istio.networking.v1alpha3.EnvoyFilter.InsertPosition.Index\x12\x13\n\x0brelative_to\x18\x02 \x01(\t\"3\n\x05Index\x12\t\n\x05\x46IRST\x10\x00\x12\x08\n\x04LAST\x10\x01\x12\n\n\x06\x42\x45\x46ORE\x10\x02\x12\t\n\x05\x41\x46TER\x10\x03\x1a\xec\x02\n\x06\x46ilter\x12L\n\x0elistener_match\x18\x01 \x01(\x0b\x32\x34.istio.networking.v1alpha3.EnvoyFilter.ListenerMatch\x12N\n\x0finsert_position\x18\x02 \x01(\x0b\x32\x35.istio.networking.v1alpha3.EnvoyFilter.InsertPosition\x12M\n\x0b\x66ilter_type\x18\x03 \x01(\x0e\x32\x38.istio.networking.v1alpha3.EnvoyFilter.Filter.FilterType\x12\x13\n\x0b\x66ilter_name\x18\x04 \x01(\t\x12.\n\rfilter_config\x18\x05 \x01(\x0b\x32\x17.google.protobuf.Struct\"0\n\nFilterType\x12\x0b\n\x07INVALID\x10\x00\x12\x08\n\x04HTTP\x10\x01\x12\x0b\n\x07NETWORK\x10\x02\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') , - dependencies=[google_dot_protobuf_dot_struct__pb2.DESCRIPTOR,]) + dependencies=[google_dot_protobuf_dot_struct__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_gateway__pb2.DESCRIPTOR,]) @@ -51,8 +52,8 @@ ], containing_type=None, options=None, - serialized_start=589, - serialized_end=668, + serialized_start=696, + serialized_end=775, ) _sym_db.RegisterEnumDescriptor(_ENVOYFILTER_LISTENERMATCH_LISTENERTYPE) @@ -77,8 +78,8 @@ ], containing_type=None, options=None, - serialized_start=670, - serialized_end=716, + serialized_start=777, + serialized_end=823, ) _sym_db.RegisterEnumDescriptor(_ENVOYFILTER_LISTENERMATCH_LISTENERPROTOCOL) @@ -107,8 +108,8 @@ ], containing_type=None, options=None, - serialized_start=834, - serialized_end=885, + serialized_start=941, + serialized_end=992, ) _sym_db.RegisterEnumDescriptor(_ENVOYFILTER_INSERTPOSITION_INDEX) @@ -133,8 +134,8 @@ ], containing_type=None, options=None, - serialized_start=1204, - serialized_end=1252, + serialized_start=1311, + serialized_end=1359, ) _sym_db.RegisterEnumDescriptor(_ENVOYFILTER_FILTER_FILTERTYPE) @@ -172,8 +173,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=264, - serialized_end=317, + serialized_start=371, + serialized_end=424, ) _ENVOYFILTER_LISTENERMATCH = _descriptor.Descriptor( @@ -232,8 +233,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=320, - serialized_end=716, + serialized_start=427, + serialized_end=823, ) _ENVOYFILTER_INSERTPOSITION = _descriptor.Descriptor( @@ -270,8 +271,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=719, - serialized_end=885, + serialized_start=826, + serialized_end=992, ) _ENVOYFILTER_FILTER = _descriptor.Descriptor( @@ -329,8 +330,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=888, - serialized_end=1252, + serialized_start=995, + serialized_end=1359, ) _ENVOYFILTER = _descriptor.Descriptor( @@ -348,7 +349,14 @@ is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='filters', full_name='istio.networking.v1alpha3.EnvoyFilter.filters', index=1, + name='workload_selector', full_name='istio.networking.v1alpha3.EnvoyFilter.workload_selector', index=1, + number=3, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='filters', full_name='istio.networking.v1alpha3.EnvoyFilter.filters', index=2, number=2, type=11, cpp_type=10, label=3, has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, @@ -366,8 +374,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=100, - serialized_end=1252, + serialized_start=135, + serialized_end=1359, ) _ENVOYFILTER_WORKLOADLABELSENTRY.containing_type = _ENVOYFILTER @@ -386,6 +394,7 @@ _ENVOYFILTER_FILTER.containing_type = _ENVOYFILTER _ENVOYFILTER_FILTER_FILTERTYPE.containing_type = _ENVOYFILTER_FILTER _ENVOYFILTER.fields_by_name['workload_labels'].message_type = _ENVOYFILTER_WORKLOADLABELSENTRY +_ENVOYFILTER.fields_by_name['workload_selector'].message_type = networking_dot_v1alpha3_dot_gateway__pb2._WORKLOADSELECTOR _ENVOYFILTER.fields_by_name['filters'].message_type = _ENVOYFILTER_FILTER DESCRIPTOR.message_types_by_name['EnvoyFilter'] = _ENVOYFILTER _sym_db.RegisterFileDescriptor(DESCRIPTOR) diff --git a/python/istio_api/networking/v1alpha3/sidecar_pb2.py b/python/istio_api/networking/v1alpha3/sidecar_pb2.py index 3867e6bce8..3368ba3703 100644 --- a/python/istio_api/networking/v1alpha3/sidecar_pb2.py +++ b/python/istio_api/networking/v1alpha3/sidecar_pb2.py @@ -21,7 +21,7 @@ name='networking/v1alpha3/sidecar.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n!networking/v1alpha3/sidecar.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\"\xc6\x01\n\x07Sidecar\x12\x46\n\x11workload_selector\x18\x01 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x12\x39\n\x07ingress\x18\x02 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\x12\x38\n\x06\x65gress\x18\x03 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\"\xb3\x01\n\rIstioListener\x12\x0c\n\x04name\x18\x01 \x01(\t\x12-\n\x04port\x18\x02 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x14\n\x0c\x62ind_address\x18\x03 \x01(\t\x12\x14\n\x0c\x62ind_to_port\x18\x04 \x01(\x08\x12\x10\n\x08protocol\x18\x05 \x01(\t\x12\r\n\x05hosts\x18\x06 \x03(\t\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x07 \x01(\t*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n!networking/v1alpha3/sidecar.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\"\xc6\x01\n\x07Sidecar\x12\x46\n\x11workload_selector\x18\x01 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x12\x39\n\x07ingress\x18\x02 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\x12\x38\n\x06\x65gress\x18\x03 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\"\xa1\x01\n\rIstioListener\x12\x0c\n\x04name\x18\x01 \x01(\t\x12-\n\x04port\x18\x02 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x14\n\x0c\x62ind_address\x18\x03 \x01(\t\x12\x14\n\x0c\x62ind_to_port\x18\x04 \x01(\x08\x12\r\n\x05hosts\x18\x05 \x03(\t\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x06 \x01(\t*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') , dependencies=[networking_dot_v1alpha3_dot_gateway__pb2.DESCRIPTOR,]) @@ -42,8 +42,8 @@ ], containing_type=None, options=None, - serialized_start=482, - serialized_end=520, + serialized_start=464, + serialized_end=502, ) _sym_db.RegisterEnumDescriptor(_CONFIGSCOPE) @@ -134,22 +134,15 @@ is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='protocol', full_name='istio.networking.v1alpha3.IstioListener.protocol', index=4, - number=5, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), - message_type=None, enum_type=None, containing_type=None, - is_extension=False, extension_scope=None, - options=None, file=DESCRIPTOR), - _descriptor.FieldDescriptor( - name='hosts', full_name='istio.networking.v1alpha3.IstioListener.hosts', index=5, - number=6, type=9, cpp_type=9, label=3, + name='hosts', full_name='istio.networking.v1alpha3.IstioListener.hosts', index=4, + number=5, type=9, cpp_type=9, label=3, has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='default_endpoint', full_name='istio.networking.v1alpha3.IstioListener.default_endpoint', index=6, - number=7, type=9, cpp_type=9, label=1, + name='default_endpoint', full_name='istio.networking.v1alpha3.IstioListener.default_endpoint', index=5, + number=6, type=9, cpp_type=9, label=1, has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, @@ -167,7 +160,7 @@ oneofs=[ ], serialized_start=301, - serialized_end=480, + serialized_end=462, ) _SIDECAR.fields_by_name['workload_selector'].message_type = networking_dot_v1alpha3_dot_gateway__pb2._WORKLOADSELECTOR From e2ab7c629bb5ed5b485965133672d621b568f03e Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Wed, 2 Jan 2019 20:25:22 -0500 Subject: [PATCH 07/11] update comments Signed-off-by: Shriram Rajagopalan --- networking/v1alpha3/gateway.pb.go | 9 ++++++--- networking/v1alpha3/gateway.proto | 15 +++++++++------ .../v1alpha3/istio.networking.v1alpha3.pb.html | 9 ++++++--- 3 files changed, 21 insertions(+), 12 deletions(-) diff --git a/networking/v1alpha3/gateway.pb.go b/networking/v1alpha3/gateway.pb.go index 4d827c0ea4..e841fde5d7 100644 --- a/networking/v1alpha3/gateway.pb.go +++ b/networking/v1alpha3/gateway.pb.go @@ -560,9 +560,12 @@ func (m *Port) GetName() string { } // WorkloadSelector specifies the criteria used to determine if the Gateway -// or Sidecar resource can be applied to a given workload. If multiple -// conditions are specified, all conditions need to match in order for the -// workload to be selected. +// or Sidecar resource can be applied to a proxy. The matching criteria +// includes the metadata associated with a proxy, workload info such as +// labels attached to the pod/VM, or any other info that the proxy provides +// to Istio during the initial handshake. If multiple conditions are +// specified, all conditions need to match in order for the workload to be +// selected. Currently, only label based selection mechanism is supported. type WorkloadSelector struct { // One or more labels that indicate a specific set of pods/VMs on which // this gateway/sidecar configuration should be applied. The scope of diff --git a/networking/v1alpha3/gateway.proto b/networking/v1alpha3/gateway.proto index 1f70f18bc9..525412e8e1 100644 --- a/networking/v1alpha3/gateway.proto +++ b/networking/v1alpha3/gateway.proto @@ -375,9 +375,12 @@ message Port { } // WorkloadSelector specifies the criteria used to determine if the Gateway -// or Sidecar resource can be applied to a given workload. If multiple -// conditions are specified, all conditions need to match in order for the -// workload to be selected. +// or Sidecar resource can be applied to a proxy. The matching criteria +// includes the metadata associated with a proxy, workload info such as +// labels attached to the pod/VM, or any other info that the proxy provides +// to Istio during the initial handshake. If multiple conditions are +// specified, all conditions need to match in order for the workload to be +// selected. Currently, only label based selection mechanism is supported. message WorkloadSelector { // One or more labels that indicate a specific set of pods/VMs on which // this gateway/sidecar configuration should be applied. The scope of @@ -386,7 +389,7 @@ message WorkloadSelector { map labels = 1; // $hide_from_docs - // [#not-implemented-hide:] - // other forms of identification such as X509 fields, tenant IDs, JWT, - // etc. will be added in future. + // other forms of identification supplied by the proxy + // when connecting to Pilot, such as X509 fields, tenant IDs, JWT, + // etc. This has nothing to do with the request level authN etc. } diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index 1d552b5e31..cd2699fdde 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -4498,9 +4498,12 @@

VirtualService

WorkloadSelector

WorkloadSelector specifies the criteria used to determine if the Gateway -or Sidecar resource can be applied to a given workload. If multiple -conditions are specified, all conditions need to match in order for the -workload to be selected.

+or Sidecar resource can be applied to a proxy. The matching criteria +includes the metadata associated with a proxy, workload info such as +labels attached to the pod/VM, or any other info that the proxy provides +to Istio during the initial handshake. If multiple conditions are +specified, all conditions need to match in order for the workload to be +selected. Currently, only label based selection mechanism is supported.
ingressIstioListener[] -

Ingress specifies the configuration of the sidecar for processing -inbound traffic to the attached workload. If omitted, Istio will -autoconfigure the sidecar based on the information about the workload -obtained from the service registry (e.g., exposed ports, services, -etc.).

- -
egress IstioListener[]
From 112c89539a28f03ade3cdb9763fdc057bf86edc1 Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Thu, 3 Jan 2019 21:30:16 -0500 Subject: [PATCH 08/11] feedback --- mesh/v1alpha1/config.proto | 10 +++--- networking/v1alpha3/envoy_filter.proto | 7 ---- networking/v1alpha3/gateway.proto | 44 ++++++----------------- networking/v1alpha3/sidecar.proto | 49 ++++++++++++++++++++------ 4 files changed, 53 insertions(+), 57 deletions(-) diff --git a/mesh/v1alpha1/config.proto b/mesh/v1alpha1/config.proto index f41e098f0d..b2d09db1c7 100644 --- a/mesh/v1alpha1/config.proto +++ b/mesh/v1alpha1/config.proto @@ -167,11 +167,11 @@ message MeshConfig { // Set the default behavior of the sidecar for handling outbound traffic // from the application. If your application uses one or more external // services that are not known apriori, setting the policy to ALLOW_ANY - // will cause the sidecars to route traffic to the any unknown traffic - // originating from the application to its requested destination. Users - // are strongly encouraged to use ServiceEntries to explicitly declare - // any external dependencies, instead of using allow_any, so that traffic - // to these services can be monitored. + // will cause the sidecars to route any unknown traffic originating from + // the application to its requested destination. Users are strongly + // encouraged to use ServiceEntries to explicitly declare any external + // dependencies, instead of using allow_any, so that traffic to these + // services can be monitored. OutboundTrafficPolicy outbound_traffic_policy = 17; reserved 18; diff --git a/networking/v1alpha3/envoy_filter.proto b/networking/v1alpha3/envoy_filter.proto index a04fc1522b..c944675e55 100644 --- a/networking/v1alpha3/envoy_filter.proto +++ b/networking/v1alpha3/envoy_filter.proto @@ -15,7 +15,6 @@ syntax = "proto3"; import "google/protobuf/struct.proto"; -import "networking/v1alpha3/gateway.proto"; package istio.networking.v1alpha3; @@ -70,12 +69,6 @@ message EnvoyFilter { // specified for the same workload. map workload_labels = 1; - // $hide_from_docs - // Criteria used to select the specific set of pods/VMs - // on which this EnvoyFilter configuration should be applied. Precisely - // one of workloadLabels or workloadSelector must be specified. - WorkloadSelector workload_selector = 3; - // Select a listener to add the filter to based on the match conditions. // All conditions specified in the ListenerMatch must be met for the filter // to be applied to a listener. diff --git a/networking/v1alpha3/gateway.proto b/networking/v1alpha3/gateway.proto index 525412e8e1..6c5e7be5b0 100644 --- a/networking/v1alpha3/gateway.proto +++ b/networking/v1alpha3/gateway.proto @@ -38,9 +38,8 @@ option go_package = "istio.io/api/networking/v1alpha3"; // name: my-gateway // namespace: some-config-namespace // spec: -// workloadSelector: -// labels: -// app: my-gateway-controller +// selector: +// app: my-gateway-controller // servers: // - port: // number: 80 @@ -180,9 +179,8 @@ message Gateway { // metadata: // name: my-ingress // spec: -// workloadSelector: -// labels: -// app: my-ingress-gateway +// selector: +// app: my-ingress-gateway // servers: // - port: // number: 80 @@ -200,9 +198,8 @@ message Gateway { // metadata: // name: my-tcp-ingress // spec: -// workloadSelector: -// labels: -// app: my-tcp-ingress-gateway +// selector: +// app: my-tcp-ingress-gateway // servers: // - port: // number: 27018 @@ -220,9 +217,8 @@ message Gateway { // metadata: // name: my-tls-ingress // spec: -// workloadSelector: -// labels: -// app: my-tls-ingress-gateway +// selector: +// app: my-tls-ingress-gateway // servers: // - port: // number: 443 @@ -243,8 +239,8 @@ message Server { // connections Port port = 1; - // The IP address to which the listener should be bound to. - string bind_address = 5; + // The IP address to which the listener should be bound. + string bind = 5; // REQUIRED. A list of hosts exposed by this gateway. At least one // host is required. While typically applicable to @@ -373,23 +369,3 @@ message Port { // Label assigned to the port. string name = 3; } - -// WorkloadSelector specifies the criteria used to determine if the Gateway -// or Sidecar resource can be applied to a proxy. The matching criteria -// includes the metadata associated with a proxy, workload info such as -// labels attached to the pod/VM, or any other info that the proxy provides -// to Istio during the initial handshake. If multiple conditions are -// specified, all conditions need to match in order for the workload to be -// selected. Currently, only label based selection mechanism is supported. -message WorkloadSelector { - // One or more labels that indicate a specific set of pods/VMs on which - // this gateway/sidecar configuration should be applied. The scope of - // label search is restricted to the configuration namespace in which the - // workload is present. - map labels = 1; - - // $hide_from_docs - // other forms of identification supplied by the proxy - // when connecting to Pilot, such as X509 fields, tenant IDs, JWT, - // etc. This has nothing to do with the request level authN etc. -} diff --git a/networking/v1alpha3/sidecar.proto b/networking/v1alpha3/sidecar.proto index c17facf237..0d3f3eec81 100644 --- a/networking/v1alpha3/sidecar.proto +++ b/networking/v1alpha3/sidecar.proto @@ -33,14 +33,21 @@ option go_package = "istio.io/api/networking/v1alpha3"; // // Services and configuration in a mesh are organized into one or more // namespaces (e.g., a Kubernetes namespace or a CF org/space). A Sidecar -// resource in a namespace will apply to all workloads in the namespace in -// the absence of a workload selector. *_Currently, each namespace should -// have only one Sidecar resource without any workload selector_*. The -// behavior of the system is undefined if more than one Sidecar resource -// exists in a given namespace. +// resource in a namespace will apply to all workloads selected using the +// workloadSelector. In the absence of a workloadSelector, it will apply to +// all workloads in the namespace. When determining the Sidecar resource to +// be applied to a workload, preference will be given to the resource with +// a workloadSelector that selects this workload, over a Sidecar resource +// without any workloadSelector. +// +// NOTE: *_Each namespace can have only one Sidecar resource without any +// workload selector_*. The behavior of the system is undefined if more +// than one selector-less Sidecar resources exist in a given namespace. The +// behavior of the system is undefined if two or more Sidecar resources +// with a workload selector select the same workload. // // The example below delcares a Sidecar resource in the prod-us1 namespace -// that configures the sidecar to proxy egress traffic for services in the +// that configures the sidecar to allow egress traffic to services in the // prod-us1 and prod-apis namespaces, and the policy and telemetry service // (if enabled) in the istio-system namespace. // @@ -70,14 +77,14 @@ message Sidecar { // Ingress specifies the configuration of the sidecar for processing // inbound traffic to the attached workload. If omitted, Istio will // autoconfigure the sidecar based on the information about the workload - // obtained from the service registry (e.g., exposed ports, services, + // obtained from the orchestration platform (e.g., exposed ports, services, // etc.). repeated IstioListener ingress = 2; // Egress specifies the configuration of the sidecar for processing // outbound traffic from the attached workload to other services in the // mesh. If omitted, Istio will autoconfigure the sidecar to be able to - // reach every service in the mesh. etc.). + // reach every service in the mesh that is visible to this namespace. repeated IstioListener egress = 3; } @@ -102,15 +109,15 @@ message IstioListener { // $hide_from_docs // The ip or the unix domain socket to which the listener should be bound - // to. Port MUST be specified if bindAddress is not empty. Format: + // to. Port MUST be specified if bind is not empty. Format: // x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux abstract // namespace). If omitted, Istio will autoconfigure the defaults based on // imported services and the workload to which this configuration is // applied to. - string bind_address = 3; + string bind = 3; // $hide_from_docs - // When the bind address is an IP:port, the bindToPort option dictates + // When the bind address is an IP, the bindToPort option dictates // whether or not the sidecar should bind its listener socket to the // specified port. Set bindToPort to false (default) if application // traffic entering/leaving a pod/VM is captured automatically through @@ -165,6 +172,26 @@ enum ConfigScope { PRIVATE = 1; } +// WorkloadSelector specifies the criteria used to determine if the Gateway +// or Sidecar resource can be applied to a proxy. The matching criteria +// includes the metadata associated with a proxy, workload info such as +// labels attached to the pod/VM, or any other info that the proxy provides +// to Istio during the initial handshake. If multiple conditions are +// specified, all conditions need to match in order for the workload to be +// selected. Currently, only label based selection mechanism is supported. +message WorkloadSelector { + // One or more labels that indicate a specific set of pods/VMs on which + // this gateway/sidecar configuration should be applied. The scope of + // label search is restricted to the configuration namespace in which the + // workload is present. + map labels = 1; + + // $hide_from_docs + // other forms of identification supplied by the proxy + // when connecting to Pilot, such as X509 fields, tenant IDs, JWT, + // etc. This has nothing to do with the request level authN etc. +} + // $hide_from_docs // The example below delcares a Sidecar resource in the prod-us1 namespace // that accepts inbound HTTP traffic on port 9080 and forwards From de8e68b8a2553b98ab816929f9ab1ad8ca9dec0c Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Fri, 4 Jan 2019 09:58:08 -0500 Subject: [PATCH 09/11] tweaks Signed-off-by: Shriram Rajagopalan --- networking/v1alpha3/gateway.proto | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/networking/v1alpha3/gateway.proto b/networking/v1alpha3/gateway.proto index 83738ae6bc..f75c31eba5 100644 --- a/networking/v1alpha3/gateway.proto +++ b/networking/v1alpha3/gateway.proto @@ -157,11 +157,11 @@ message Gateway { // REQUIRED: A list of server specifications. repeated Server servers = 1; - // One or more labels that indicate a specific set of pods/VMs on which - // this gateway configuration should be applied. The scope of label - // search is restricted to the configuration namespace in which the the - // resource is present. In other words, the Gateway resource must reside - // in the same namespace as the gateway workload. + // REQUIRED: One or more labels that indicate a specific set of pods/VMs + // on which this gateway configuration should be applied. The scope of + // label search is restricted to the configuration namespace in which the + // the resource is present. In other words, the Gateway resource must + // reside in the same namespace as the gateway workload. map selector = 2; } @@ -227,15 +227,12 @@ message Gateway { // privateKey: /etc/certs/privatekey.pem // ``` message Server { - // An arbitrary name associated with this server. Used for emitting metrics. - string name = 6; - // REQUIRED: The Port on which the proxy should listen for incoming // connections Port port = 1; // The IP address to which the listener should be bound. - string bind = 5; + string bind = 4; // REQUIRED. A list of hosts exposed by this gateway. At least one // host is required. While typically applicable to @@ -347,7 +344,7 @@ message Server { // point on the sidecar to a port or unix domain socket where the // application workload is listening for connections. Format should be // 127.0.0.1:PORT or unix:///path/to/socket - string default_endpoint = 4; + string default_endpoint = 5; } // Port describes the properties of a specific port of a service. From 671193cfe9be752487dacf19029168da2b8a3a1a Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Fri, 4 Jan 2019 20:54:12 -0500 Subject: [PATCH 10/11] capture mode Signed-off-by: Shriram Rajagopalan --- .../istio.networking.v1alpha3.pb.html | 52 ++++++- networking/v1alpha3/sidecar.pb.go | 137 +++++++++++------- networking/v1alpha3/sidecar.proto | 31 ++-- proto.lock | 21 ++- .../networking/v1alpha3/sidecar_pb2.py | 51 +++++-- 5 files changed, 211 insertions(+), 81 deletions(-) diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index ce87b90ec2..8e213fbf1c 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -6,7 +6,7 @@ generator: protoc-gen-docs aliases: - /docs/reference/config/istio.routing.v1alpha1/ -number_of_entries: 60 +number_of_entries: 61 ---

Configuration affecting traffic routing. Here are a few terms useful to define in the context of traffic routing.

@@ -2158,6 +2158,15 @@

IstioListener

An optional arbitrary name associated with the listener used for emitting metrics.

+ + + + + + @@ -2197,6 +2206,47 @@

IstioListener

application workload is listening for connections. Format should be 127.0.0.1:PORT or unix:///path/to/socket

+ + + +
captureModeIstioListener.CaptureMode +

When the bind address is an IP, the captureMode option dictates +how traffic to the listener is expected to be captured (or not).

+
+
+

IstioListener.CaptureMode

+
+

CaptureMode describes how traffic to a listener is expected to be +captured. Applicable only when the listener is bound to an IP.

+ + + + + + + + + + + + + + + + + + + + diff --git a/networking/v1alpha3/sidecar.pb.go b/networking/v1alpha3/sidecar.pb.go index d10f66ad35..88e2e3a951 100644 --- a/networking/v1alpha3/sidecar.pb.go +++ b/networking/v1alpha3/sidecar.pb.go @@ -43,6 +43,41 @@ func (x ConfigScope) String() string { } func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{0} } +// CaptureMode describes how traffic to a listener is expected to be +// captured. Applicable only when the listener is bound to an IP. +type IstioListener_CaptureMode int32 + +const ( + // The default capture mode defined by the environment + IstioListener_DEFAULT IstioListener_CaptureMode = 0 + // Capture traffic using IPtables redirection + IstioListener_IPTABLES IstioListener_CaptureMode = 1 + // No traffic capture. When used in egress listener, the application is + // expected to explicitly communicate with the listener port/unix + // domain socket. When used in ingress listener, care needs to be taken + // to ensure that the listener port is not in use by other processes on + // the host. + IstioListener_NONE IstioListener_CaptureMode = 2 +) + +var IstioListener_CaptureMode_name = map[int32]string{ + 0: "DEFAULT", + 1: "IPTABLES", + 2: "NONE", +} +var IstioListener_CaptureMode_value = map[string]int32{ + "DEFAULT": 0, + "IPTABLES": 1, + "NONE": 2, +} + +func (x IstioListener_CaptureMode) String() string { + return proto.EnumName(IstioListener_CaptureMode_name, int32(x)) +} +func (IstioListener_CaptureMode) EnumDescriptor() ([]byte, []int) { + return fileDescriptorSidecar, []int{1, 0} +} + // `Sidecar` describes the describes the configuration of the sidecar proxy // that mediates inbound and outbound communication to the workload it is // attached to. By default, Istio will program all sidecar proxies in the @@ -160,17 +195,9 @@ type IstioListener struct { // imported services and the workload to which this configuration is // applied to. Bind string `protobuf:"bytes,3,opt,name=bind,proto3" json:"bind,omitempty"` - // $hide_from_docs - // When the bind address is an IP, the bindToPort option dictates - // whether or not the sidecar should bind its listener socket to the - // specified port. Set bindToPort to false (default) if application - // traffic entering/leaving a pod/VM is captured automatically through - // iptables redirection and forwarded to the sidecar on a specific port - // (see proxyListenPort in the global MeshConfig). When not using - // iptables for traffic capture, set bindToPort to true to force the - // sidecar to bind to the specified port. Note that the binding might - // fail if the application workload is already bound to the same port. - BindToPort bool `protobuf:"varint,4,opt,name=bind_to_port,json=bindToPort,proto3" json:"bind_to_port,omitempty"` + // When the bind address is an IP, the captureMode option dictates + // how traffic to the listener is expected to be captured (or not). + CaptureMode IstioListener_CaptureMode `protobuf:"varint,4,opt,name=capture_mode,json=captureMode,proto3,enum=istio.networking.v1alpha3.IstioListener_CaptureMode" json:"capture_mode,omitempty"` // One or more services/virtualServices exposed by the listener in // namespace/dnsName format. _*Hosts will be ignored for ingress // servers*_. For egress servers, the hosts field results in importing @@ -226,11 +253,11 @@ func (m *IstioListener) GetBind() string { return "" } -func (m *IstioListener) GetBindToPort() bool { +func (m *IstioListener) GetCaptureMode() IstioListener_CaptureMode { if m != nil { - return m.BindToPort + return m.CaptureMode } - return false + return IstioListener_DEFAULT } func (m *IstioListener) GetHosts() []string { @@ -279,6 +306,7 @@ func init() { proto.RegisterType((*IstioListener)(nil), "istio.networking.v1alpha3.IstioListener") proto.RegisterType((*WorkloadSelector)(nil), "istio.networking.v1alpha3.WorkloadSelector") proto.RegisterEnum("istio.networking.v1alpha3.ConfigScope", ConfigScope_name, ConfigScope_value) + proto.RegisterEnum("istio.networking.v1alpha3.IstioListener_CaptureMode", IstioListener_CaptureMode_name, IstioListener_CaptureMode_value) } func (m *Sidecar) Marshal() (dAtA []byte, err error) { size := m.Size() @@ -369,15 +397,10 @@ func (m *IstioListener) MarshalTo(dAtA []byte) (int, error) { i = encodeVarintSidecar(dAtA, i, uint64(len(m.Bind))) i += copy(dAtA[i:], m.Bind) } - if m.BindToPort { + if m.CaptureMode != 0 { dAtA[i] = 0x20 i++ - if m.BindToPort { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i++ + i = encodeVarintSidecar(dAtA, i, uint64(m.CaptureMode)) } if len(m.Hosts) > 0 { for _, s := range m.Hosts { @@ -484,8 +507,8 @@ func (m *IstioListener) Size() (n int) { if l > 0 { n += 1 + l + sovSidecar(uint64(l)) } - if m.BindToPort { - n += 2 + if m.CaptureMode != 0 { + n += 1 + sovSidecar(uint64(m.CaptureMode)) } if len(m.Hosts) > 0 { for _, s := range m.Hosts { @@ -794,9 +817,9 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { iNdEx = postIndex case 4: if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field BindToPort", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field CaptureMode", wireType) } - var v int + m.CaptureMode = 0 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowSidecar @@ -806,12 +829,11 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - v |= (int(b) & 0x7F) << shift + m.CaptureMode |= (IstioListener_CaptureMode(b) & 0x7F) << shift if b < 0x80 { break } } - m.BindToPort = bool(v != 0) case 5: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field Hosts", wireType) @@ -1167,33 +1189,36 @@ var ( func init() { proto.RegisterFile("networking/v1alpha3/sidecar.proto", fileDescriptorSidecar) } var fileDescriptorSidecar = []byte{ - // 438 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x92, 0x4f, 0x6f, 0xd3, 0x30, - 0x18, 0xc6, 0x71, 0xd3, 0xa5, 0xf4, 0x0d, 0x88, 0x60, 0x71, 0x08, 0x3b, 0x94, 0xd0, 0x03, 0x0a, - 0x20, 0x25, 0x62, 0x3d, 0xf0, 0xe7, 0x04, 0x9d, 0x7a, 0xa8, 0x54, 0x89, 0xca, 0x1d, 0x7f, 0xc4, - 0x25, 0x72, 0x1b, 0x2f, 0xb3, 0x16, 0xec, 0xc8, 0xf6, 0x56, 0xf5, 0xcb, 0xf0, 0x79, 0xb8, 0xc1, - 0x47, 0x40, 0xbd, 0xf1, 0x2d, 0x90, 0x9d, 0x4c, 0xc0, 0xb4, 0x4d, 0xea, 0x29, 0xaf, 0x1f, 0xbf, - 0xcf, 0xcf, 0x79, 0x1f, 0x1b, 0x1e, 0x0b, 0x66, 0xd6, 0x52, 0x9d, 0x72, 0x51, 0x66, 0xe7, 0x2f, - 0x68, 0x55, 0x9f, 0xd0, 0x51, 0xa6, 0x79, 0xc1, 0x56, 0x54, 0xa5, 0xb5, 0x92, 0x46, 0xe2, 0x87, - 0x5c, 0x1b, 0x2e, 0xd3, 0xbf, 0x8d, 0xe9, 0x45, 0xe3, 0xfe, 0x95, 0xee, 0x92, 0x1a, 0xb6, 0xa6, - 0x9b, 0xc6, 0x3d, 0xfc, 0x8d, 0xa0, 0xb7, 0x68, 0x78, 0xf8, 0x33, 0xdc, 0xb7, 0xdd, 0x95, 0xa4, - 0x45, 0xae, 0x59, 0xc5, 0x56, 0x46, 0xaa, 0x08, 0xc5, 0x28, 0x09, 0x0e, 0x9e, 0xa7, 0xd7, 0x9e, - 0x92, 0x7e, 0x6a, 0x3d, 0x8b, 0xd6, 0x42, 0xc2, 0xf5, 0x25, 0x05, 0x8f, 0xa1, 0xc7, 0x45, 0xa9, - 0x98, 0xd6, 0x51, 0x27, 0xf6, 0x92, 0xe0, 0x20, 0xb9, 0x81, 0x37, 0xb5, 0x3b, 0x33, 0xae, 0x0d, - 0x13, 0x4c, 0x91, 0x0b, 0x23, 0x7e, 0x0b, 0x3e, 0x6b, 0x10, 0xde, 0x8e, 0x88, 0xd6, 0x37, 0xfc, - 0x81, 0xe0, 0xee, 0x7f, 0x3b, 0x18, 0x43, 0x57, 0xd0, 0xaf, 0xcc, 0x0d, 0xd9, 0x27, 0xae, 0xc6, - 0x23, 0xe8, 0xd6, 0x52, 0x99, 0xa8, 0xe3, 0x06, 0x7f, 0x74, 0xc3, 0x29, 0x73, 0xa9, 0x0c, 0x71, - 0xcd, 0x16, 0xb4, 0xe4, 0xa2, 0x88, 0xbc, 0x06, 0x64, 0x6b, 0x1c, 0xc3, 0x1d, 0xfb, 0xcd, 0x8d, - 0xcc, 0x1d, 0xb0, 0x1b, 0xa3, 0xe4, 0x36, 0x01, 0xab, 0x1d, 0x49, 0xeb, 0xc5, 0x0f, 0x60, 0xef, - 0x44, 0x6a, 0xa3, 0xa3, 0xbd, 0xd8, 0x4b, 0xfa, 0xa4, 0x59, 0xe0, 0xa7, 0x10, 0x16, 0xec, 0x98, - 0x9e, 0x55, 0x26, 0x67, 0xa2, 0xa8, 0x25, 0x17, 0x26, 0xf2, 0x1d, 0xf7, 0x5e, 0xab, 0x4f, 0x5a, - 0x79, 0xf8, 0x0d, 0x41, 0x78, 0x39, 0x7e, 0xfc, 0x1e, 0xfc, 0x8a, 0x2e, 0x59, 0xa5, 0x23, 0xe4, - 0x82, 0x7a, 0xb9, 0xc3, 0xdd, 0xa5, 0x33, 0xe7, 0x9c, 0x08, 0xa3, 0x36, 0xa4, 0xc5, 0xec, 0xbf, - 0x86, 0xe0, 0x1f, 0x19, 0x87, 0xe0, 0x9d, 0xb2, 0x4d, 0x9b, 0x99, 0x2d, 0xed, 0x1c, 0xe7, 0xb4, - 0x3a, 0x63, 0x2e, 0xb3, 0x3e, 0x69, 0x16, 0x6f, 0x3a, 0xaf, 0xd0, 0xb3, 0x27, 0x10, 0x1c, 0x4a, - 0x71, 0xcc, 0xcb, 0xc5, 0x4a, 0xd6, 0x0c, 0x03, 0xf8, 0xf3, 0x0f, 0xe3, 0xd9, 0xf4, 0x30, 0xbc, - 0x85, 0x03, 0xe8, 0xcd, 0xc9, 0xf4, 0xe3, 0xbb, 0xa3, 0x49, 0x88, 0xc6, 0xe9, 0xf7, 0xed, 0x00, - 0xfd, 0xdc, 0x0e, 0xd0, 0xaf, 0xed, 0x00, 0x7d, 0x89, 0x9b, 0x1f, 0xe6, 0x32, 0xa3, 0x35, 0xcf, - 0xae, 0x78, 0xc4, 0x4b, 0xdf, 0xbd, 0xde, 0xd1, 0x9f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xe3, 0x37, - 0x9e, 0xaa, 0x20, 0x03, 0x00, 0x00, + // 490 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x93, 0xcd, 0x6e, 0xd3, 0x40, + 0x10, 0xc7, 0xbb, 0x76, 0xea, 0x34, 0xe3, 0x02, 0x66, 0xc5, 0xc1, 0xf4, 0x10, 0x4c, 0x0e, 0xc8, + 0x80, 0xe4, 0x88, 0x04, 0x89, 0x8f, 0x13, 0x49, 0x30, 0x52, 0x24, 0xd3, 0x46, 0x4e, 0x4a, 0x11, + 0x97, 0x68, 0x63, 0x6f, 0xd3, 0x55, 0xdd, 0x5d, 0x6b, 0xbd, 0x69, 0x94, 0x97, 0xe1, 0x41, 0x78, + 0x02, 0x8e, 0x3c, 0x02, 0xca, 0x8d, 0xb7, 0x40, 0xfe, 0xa8, 0x5a, 0xaa, 0x52, 0x35, 0xb7, 0x99, + 0xd9, 0xf9, 0xff, 0x76, 0x46, 0xff, 0x5d, 0x78, 0xca, 0xa9, 0x5a, 0x0a, 0x79, 0xca, 0xf8, 0xbc, + 0x7d, 0xfe, 0x8a, 0x24, 0xe9, 0x09, 0xe9, 0xb6, 0x33, 0x16, 0xd3, 0x88, 0x48, 0x2f, 0x95, 0x42, + 0x09, 0xfc, 0x98, 0x65, 0x8a, 0x09, 0xef, 0xb2, 0xd1, 0xbb, 0x68, 0xdc, 0xbb, 0x51, 0x3d, 0x27, + 0x8a, 0x2e, 0xc9, 0xaa, 0x54, 0xb7, 0xfe, 0x20, 0xa8, 0x8f, 0x4b, 0x1e, 0xfe, 0x0a, 0x0f, 0xf3, + 0xee, 0x44, 0x90, 0x78, 0x9a, 0xd1, 0x84, 0x46, 0x4a, 0x48, 0x1b, 0x39, 0xc8, 0x35, 0x3b, 0x2f, + 0xbd, 0xff, 0xde, 0xe2, 0x1d, 0x55, 0x9a, 0x71, 0x25, 0x09, 0xad, 0xe5, 0xb5, 0x0a, 0xee, 0x43, + 0x9d, 0xf1, 0xb9, 0xa4, 0x59, 0x66, 0x6b, 0x8e, 0xee, 0x9a, 0x1d, 0xf7, 0x16, 0xde, 0x30, 0x3f, + 0x09, 0x58, 0xa6, 0x28, 0xa7, 0x32, 0xbc, 0x10, 0xe2, 0x0f, 0x60, 0xd0, 0x12, 0xa1, 0x6f, 0x88, + 0xa8, 0x74, 0xad, 0x1f, 0x1a, 0xdc, 0xfb, 0xe7, 0x04, 0x63, 0xa8, 0x71, 0x72, 0x46, 0x8b, 0x25, + 0x1b, 0x61, 0x11, 0xe3, 0x2e, 0xd4, 0x52, 0x21, 0x95, 0xad, 0x15, 0x8b, 0x3f, 0xb9, 0xe5, 0x96, + 0x91, 0x90, 0x2a, 0x2c, 0x9a, 0x73, 0xd0, 0x8c, 0xf1, 0xd8, 0xd6, 0x4b, 0x50, 0x1e, 0xe3, 0x23, + 0xd8, 0x8d, 0x48, 0xaa, 0x16, 0x92, 0x4e, 0xcf, 0x44, 0x4c, 0xed, 0x9a, 0x83, 0xdc, 0xfb, 0x9d, + 0xd7, 0x77, 0x1d, 0xdb, 0x1b, 0x94, 0xe2, 0xcf, 0x22, 0xa6, 0xa1, 0x19, 0x5d, 0x26, 0xf8, 0x11, + 0x6c, 0x9f, 0x88, 0x4c, 0x65, 0xf6, 0xb6, 0xa3, 0xbb, 0x8d, 0xb0, 0x4c, 0xf0, 0x73, 0xb0, 0x62, + 0x7a, 0x4c, 0x16, 0x89, 0x9a, 0x52, 0x1e, 0xa7, 0x82, 0x71, 0x65, 0x1b, 0xc5, 0x38, 0x0f, 0xaa, + 0xba, 0x5f, 0x95, 0x5b, 0x1d, 0x30, 0xaf, 0xc0, 0xb1, 0x09, 0xf5, 0x8f, 0xfe, 0xa7, 0xde, 0x61, + 0x30, 0xb1, 0xb6, 0xf0, 0x2e, 0xec, 0x0c, 0x47, 0x93, 0x5e, 0x3f, 0xf0, 0xc7, 0x16, 0xc2, 0x3b, + 0x50, 0xdb, 0x3f, 0xd8, 0xf7, 0x2d, 0xad, 0xf5, 0x1d, 0x81, 0x75, 0xdd, 0x69, 0x7c, 0x00, 0x46, + 0x42, 0x66, 0x34, 0xc9, 0x6c, 0x54, 0x78, 0xf2, 0x66, 0x83, 0x67, 0xe2, 0x05, 0x85, 0xd2, 0xe7, + 0x4a, 0xae, 0xc2, 0x0a, 0xb3, 0xf7, 0x0e, 0xcc, 0x2b, 0x65, 0x6c, 0x81, 0x7e, 0x4a, 0x57, 0x95, + 0x3d, 0x79, 0x98, 0xef, 0x7e, 0x4e, 0x92, 0x05, 0x2d, 0xec, 0x69, 0x84, 0x65, 0xf2, 0x5e, 0x7b, + 0x8b, 0x5e, 0x3c, 0x03, 0x73, 0x20, 0xf8, 0x31, 0x9b, 0x8f, 0x23, 0x91, 0x52, 0x0c, 0x60, 0x8c, + 0x0e, 0xfb, 0xc1, 0x70, 0x60, 0x6d, 0xe5, 0x0b, 0x8e, 0xc2, 0xe1, 0x97, 0xde, 0xc4, 0xb7, 0x50, + 0xdf, 0xfb, 0xb9, 0x6e, 0xa2, 0x5f, 0xeb, 0x26, 0xfa, 0xbd, 0x6e, 0xa2, 0x6f, 0x4e, 0x39, 0x30, + 0x13, 0x6d, 0x92, 0xb2, 0xf6, 0x0d, 0xff, 0x65, 0x66, 0x14, 0x1f, 0xa5, 0xfb, 0x37, 0x00, 0x00, + 0xff, 0xff, 0x02, 0x6b, 0xfb, 0xb2, 0x8b, 0x03, 0x00, 0x00, } diff --git a/networking/v1alpha3/sidecar.proto b/networking/v1alpha3/sidecar.proto index fe470b9d25..433d5ff4b7 100644 --- a/networking/v1alpha3/sidecar.proto +++ b/networking/v1alpha3/sidecar.proto @@ -116,17 +116,26 @@ message IstioListener { // applied to. string bind = 3; - // $hide_from_docs - // When the bind address is an IP, the bindToPort option dictates - // whether or not the sidecar should bind its listener socket to the - // specified port. Set bindToPort to false (default) if application - // traffic entering/leaving a pod/VM is captured automatically through - // iptables redirection and forwarded to the sidecar on a specific port - // (see proxyListenPort in the global MeshConfig). When not using - // iptables for traffic capture, set bindToPort to true to force the - // sidecar to bind to the specified port. Note that the binding might - // fail if the application workload is already bound to the same port. - bool bind_to_port = 4; + // CaptureMode describes how traffic to a listener is expected to be + // captured. Applicable only when the listener is bound to an IP. + enum CaptureMode { + // The default capture mode defined by the environment + DEFAULT = 0; + + // Capture traffic using IPtables redirection + IPTABLES = 1; + + // No traffic capture. When used in egress listener, the application is + // expected to explicitly communicate with the listener port/unix + // domain socket. When used in ingress listener, care needs to be taken + // to ensure that the listener port is not in use by other processes on + // the host. + NONE = 2; + } + + // When the bind address is an IP, the captureMode option dictates + // how traffic to the listener is expected to be captured (or not). + CaptureMode capture_mode = 4; // One or more services/virtualServices exposed by the listener in // namespace/dnsName format. _*Hosts will be ignored for ingress diff --git a/proto.lock b/proto.lock index b7a053baf1..b365ef6a3f 100644 --- a/proto.lock +++ b/proto.lock @@ -3295,6 +3295,23 @@ "protopath": "networking:/:v1alpha3:/:sidecar.proto", "def": { "enums": [ + { + "name": "IstioListener.CaptureMode", + "enum_fields": [ + { + "name": "DEFAULT", + "integer": 0 + }, + { + "name": "IPTABLES", + "integer": 1 + }, + { + "name": "NONE", + "integer": 2 + } + ] + }, { "name": "ConfigScope", "enum_fields": [ @@ -3352,8 +3369,8 @@ }, { "id": 4, - "name": "bind_to_port", - "type": "bool" + "name": "capture_mode", + "type": "CaptureMode" }, { "id": 5, diff --git a/python/istio_api/networking/v1alpha3/sidecar_pb2.py b/python/istio_api/networking/v1alpha3/sidecar_pb2.py index 4234aed053..b3f76c95c1 100644 --- a/python/istio_api/networking/v1alpha3/sidecar_pb2.py +++ b/python/istio_api/networking/v1alpha3/sidecar_pb2.py @@ -21,7 +21,7 @@ name='networking/v1alpha3/sidecar.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n!networking/v1alpha3/sidecar.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\"\xc6\x01\n\x07Sidecar\x12\x46\n\x11workload_selector\x18\x01 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x12\x39\n\x07ingress\x18\x02 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\x12\x38\n\x06\x65gress\x18\x03 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\"\x99\x01\n\rIstioListener\x12\x0c\n\x04name\x18\x01 \x01(\t\x12-\n\x04port\x18\x02 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x0c\n\x04\x62ind\x18\x03 \x01(\t\x12\x14\n\x0c\x62ind_to_port\x18\x04 \x01(\x08\x12\r\n\x05hosts\x18\x05 \x03(\t\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x06 \x01(\t\"\x8a\x01\n\x10WorkloadSelector\x12G\n\x06labels\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.WorkloadSelector.LabelsEntry\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n!networking/v1alpha3/sidecar.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\"\xc6\x01\n\x07Sidecar\x12\x46\n\x11workload_selector\x18\x01 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x12\x39\n\x07ingress\x18\x02 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\x12\x38\n\x06\x65gress\x18\x03 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\"\x83\x02\n\rIstioListener\x12\x0c\n\x04name\x18\x01 \x01(\t\x12-\n\x04port\x18\x02 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x0c\n\x04\x62ind\x18\x03 \x01(\t\x12J\n\x0c\x63\x61pture_mode\x18\x04 \x01(\x0e\x32\x34.istio.networking.v1alpha3.IstioListener.CaptureMode\x12\r\n\x05hosts\x18\x05 \x03(\t\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x06 \x01(\t\"2\n\x0b\x43\x61ptureMode\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x00\x12\x0c\n\x08IPTABLES\x10\x01\x12\x08\n\x04NONE\x10\x02\"\x8a\x01\n\x10WorkloadSelector\x12G\n\x06labels\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.WorkloadSelector.LabelsEntry\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') , dependencies=[networking_dot_v1alpha3_dot_gateway__pb2.DESCRIPTOR,]) @@ -42,8 +42,8 @@ ], containing_type=None, options=None, - serialized_start=597, - serialized_end=635, + serialized_start=703, + serialized_end=741, ) _sym_db.RegisterEnumDescriptor(_CONFIGSCOPE) @@ -52,6 +52,32 @@ PRIVATE = 1 +_ISTIOLISTENER_CAPTUREMODE = _descriptor.EnumDescriptor( + name='CaptureMode', + full_name='istio.networking.v1alpha3.IstioListener.CaptureMode', + filename=None, + file=DESCRIPTOR, + values=[ + _descriptor.EnumValueDescriptor( + name='DEFAULT', index=0, number=0, + options=None, + type=None), + _descriptor.EnumValueDescriptor( + name='IPTABLES', index=1, number=1, + options=None, + type=None), + _descriptor.EnumValueDescriptor( + name='NONE', index=2, number=2, + options=None, + type=None), + ], + containing_type=None, + options=None, + serialized_start=510, + serialized_end=560, +) +_sym_db.RegisterEnumDescriptor(_ISTIOLISTENER_CAPTUREMODE) + _SIDECAR = _descriptor.Descriptor( name='Sidecar', @@ -127,9 +153,9 @@ is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='bind_to_port', full_name='istio.networking.v1alpha3.IstioListener.bind_to_port', index=3, - number=4, type=8, cpp_type=7, label=1, - has_default_value=False, default_value=False, + name='capture_mode', full_name='istio.networking.v1alpha3.IstioListener.capture_mode', index=3, + number=4, type=14, cpp_type=8, label=1, + has_default_value=False, default_value=0, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), @@ -152,6 +178,7 @@ ], nested_types=[], enum_types=[ + _ISTIOLISTENER_CAPTUREMODE, ], options=None, is_extendable=False, @@ -160,7 +187,7 @@ oneofs=[ ], serialized_start=301, - serialized_end=454, + serialized_end=560, ) @@ -197,8 +224,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=550, - serialized_end=595, + serialized_start=656, + serialized_end=701, ) _WORKLOADSELECTOR = _descriptor.Descriptor( @@ -227,14 +254,16 @@ extension_ranges=[], oneofs=[ ], - serialized_start=457, - serialized_end=595, + serialized_start=563, + serialized_end=701, ) _SIDECAR.fields_by_name['workload_selector'].message_type = _WORKLOADSELECTOR _SIDECAR.fields_by_name['ingress'].message_type = _ISTIOLISTENER _SIDECAR.fields_by_name['egress'].message_type = _ISTIOLISTENER _ISTIOLISTENER.fields_by_name['port'].message_type = networking_dot_v1alpha3_dot_gateway__pb2._PORT +_ISTIOLISTENER.fields_by_name['capture_mode'].enum_type = _ISTIOLISTENER_CAPTUREMODE +_ISTIOLISTENER_CAPTUREMODE.containing_type = _ISTIOLISTENER _WORKLOADSELECTOR_LABELSENTRY.containing_type = _WORKLOADSELECTOR _WORKLOADSELECTOR.fields_by_name['labels'].message_type = _WORKLOADSELECTOR_LABELSENTRY DESCRIPTOR.message_types_by_name['Sidecar'] = _SIDECAR From c96c2cef43af523e36f6d5af4398459c5d39eb13 Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Mon, 7 Jan 2019 16:07:33 -0500 Subject: [PATCH 11/11] nits Signed-off-by: Shriram Rajagopalan --- networking/v1alpha3/destination_rule.pb.go | 3 +- networking/v1alpha3/gateway.pb.go | 17 +- networking/v1alpha3/gateway.proto | 17 +- .../istio.networking.v1alpha3.pb.html | 150 ++--- networking/v1alpha3/sidecar.pb.go | 549 ++++++++++++------ networking/v1alpha3/sidecar.proto | 162 +++--- proto.lock | 61 +- .../networking/v1alpha3/sidecar_pb2.py | 149 +++-- 8 files changed, 650 insertions(+), 458 deletions(-) diff --git a/networking/v1alpha3/destination_rule.pb.go b/networking/v1alpha3/destination_rule.pb.go index 579739e704..7788ca4ef0 100644 --- a/networking/v1alpha3/destination_rule.pb.go +++ b/networking/v1alpha3/destination_rule.pb.go @@ -26,7 +26,8 @@ Port ServiceEntry Sidecar - IstioListener + IstioIngressListener + IstioEgressListener WorkloadSelector VirtualService Destination diff --git a/networking/v1alpha3/gateway.pb.go b/networking/v1alpha3/gateway.pb.go index 04b448932b..37c3bcf532 100644 --- a/networking/v1alpha3/gateway.pb.go +++ b/networking/v1alpha3/gateway.pb.go @@ -326,9 +326,13 @@ func (m *Gateway) GetSelector() map[string]string { // ``` type Server struct { // REQUIRED: The Port on which the proxy should listen for incoming - // connections + // connections. If using unix domain socket, use 0 as the port number, + // with a valid protocol and port name, along with the bind parameter. Port *Port `protobuf:"bytes,1,opt,name=port" json:"port,omitempty"` - // The IP address to which the listener should be bound. + // $hide_from_docs + // The ip or the unix domain socket to which the listener should be bound + // to. Format: x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux + // abstract namespace). Bind string `protobuf:"bytes,4,opt,name=bind,proto3" json:"bind,omitempty"` // REQUIRED. A list of hosts exposed by this gateway. At least one // host is required. While typically applicable to @@ -349,12 +353,9 @@ type Server struct { // these options to control if all http requests should be redirected to // https, and the TLS modes to use. Tls *Server_TLSOptions `protobuf:"bytes,3,opt,name=tls" json:"tls,omitempty"` - // The IP endpoint or unix domain socket to which traffic should be - // forwarded to by default. In the context of an ingress server, this - // configuration can be used to redirect traffic arriving at the bind - // point on the sidecar to a port or unix domain socket where the - // application workload is listening for connections. Format should be - // 127.0.0.1:PORT or unix:///path/to/socket + // The loopback IP endpoint or unix domain socket to which traffic should + // be forwarded to by default. Format should be 127.0.0.1:PORT or + // unix:///path/to/socket or unix://@foobar (Linux abstract namespace). DefaultEndpoint string `protobuf:"bytes,5,opt,name=default_endpoint,json=defaultEndpoint,proto3" json:"default_endpoint,omitempty"` } diff --git a/networking/v1alpha3/gateway.proto b/networking/v1alpha3/gateway.proto index f75c31eba5..0cfb8bcefc 100644 --- a/networking/v1alpha3/gateway.proto +++ b/networking/v1alpha3/gateway.proto @@ -228,10 +228,14 @@ message Gateway { // ``` message Server { // REQUIRED: The Port on which the proxy should listen for incoming - // connections + // connections. If using unix domain socket, use 0 as the port number, + // with a valid protocol and port name, along with the bind parameter. Port port = 1; - // The IP address to which the listener should be bound. + // $hide_from_docs + // The ip or the unix domain socket to which the listener should be bound + // to. Format: x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux + // abstract namespace). string bind = 4; // REQUIRED. A list of hosts exposed by this gateway. At least one @@ -338,12 +342,9 @@ message Server { // https, and the TLS modes to use. TLSOptions tls = 3; - // The IP endpoint or unix domain socket to which traffic should be - // forwarded to by default. In the context of an ingress server, this - // configuration can be used to redirect traffic arriving at the bind - // point on the sidecar to a port or unix domain socket where the - // application workload is listening for connections. Format should be - // 127.0.0.1:PORT or unix:///path/to/socket + // The loopback IP endpoint or unix domain socket to which traffic should + // be forwarded to by default. Format should be 127.0.0.1:PORT or + // unix:///path/to/socket or unix://@foobar (Linux abstract namespace). string default_endpoint = 5; } diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index 8e213fbf1c..a035e74a5c 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -6,7 +6,7 @@ generator: protoc-gen-docs aliases: - /docs/reference/config/istio.routing.v1alpha1/ -number_of_entries: 61 +number_of_entries: 60 ---

Configuration affecting traffic routing. Here are a few terms useful to define in the context of traffic routing.

@@ -2137,10 +2137,10 @@

Headers.HeaderOperations

NameDescription
DEFAULT +

The default capture mode defined by the environment

+ +
IPTABLES +

Capture traffic using IPtables redirection

+ +
NONE +

No traffic capture. When used in egress listener, the application is +expected to explicitly communicate with the listener port/unix +domain socket. When used in ingress listener, care needs to be taken +to ensure that the listener port is not in use by other processes on +the host.

+
-

IstioListener

+

IstioEgressListener

-

IstioListener specifies the properties of a single listener on the -sidecar proxy attached to a workload.

+

IstioEgressListener specifies the properties of an outbound traffic +listener on the sidecar proxy attached to a workload.

@@ -2151,37 +2151,27 @@

IstioListener

- - - - - - + - + - + - - - - - - - -
namestring -

An optional arbitrary name associated with the listener used for -emitting metrics.

- -
captureModeIstioListener.CaptureModeCaptureMode

When the bind address is an IP, the captureMode option dictates how traffic to the listener is expected to be captured (or not).
hosts string[]

One or more services/virtualServices exposed by the listener in -namespace/dnsName format. Hosts will be ignored for ingress -servers. For egress servers, the hosts field results in importing -one or more publicly scoped services and VirtualServices from remote -namespaces. The service in a namespace can be a service in the service -registry (e.g., a kubernetes or cloud foundry service) or a service -specified via ServiceEntry configuration. In addition, any publicly -scoped DestinationRule associated with the imported services will also -be imported.

+namespace/dnsName format. Publicly scoped services and +VirtualServices from remote namespaces corresponding to the specified +hosts will be imported. The service in a namespace can be a service in +the service registry (e.g., a kubernetes or cloud foundry service) or +a service specified via ServiceEntry configuration. In addition, any +publicly scoped DestinationRule associated with the imported services +will also be imported.

Set the namespace to * to import a particular service from any available namespace (e.g., “*/foo.example.com”). Set the dnsName field @@ -2193,60 +2183,6 @@

IstioListener

imported. Refer to the scope setting associated with VirtualService, DestinationRule, ServiceEntry, etc. for details.

-
defaultEndpointstring -

The IP endpoint or unix domain socket to which traffic should be -forwarded to by default. In the context of an ingress server, this -configuration can be used to redirect traffic arriving at the bind -point on the sidecar to a port or unix domain socket where the -application workload is listening for connections. Format should be -127.0.0.1:PORT or unix:///path/to/socket

- -
-
-

IstioListener.CaptureMode

-
-

CaptureMode describes how traffic to a listener is expected to be -captured. Applicable only when the listener is bound to an IP.

- - - - - - - - - - - - - - - - - - - - @@ -2897,15 +2833,8 @@

Server

- - - - - @@ -2944,12 +2873,9 @@

Server

@@ -3698,24 +3624,25 @@

ServiceEntry.Resolution

Sidecar

-

Sidecar describes the describes the configuration of the sidecar proxy -that mediates inbound and outbound communication to the workload it is -attached to. By default, Istio will program all sidecar proxies in the -mesh with the necessary configuration required to reach every workload -in the mesh, as well as accept traffic on all the ports associated with -the workload. The Sidecar resource provides a way to fine tune the set -of ports, protocols that the proxy will accept when forwarding traffic -to and from the workload. In addition, it is possible to restrict the -set of services that the proxy can reach when forwarding outbound -traffic from the workload.

+

Sidecar describes the configuration of the sidecar proxy that mediates +inbound and outbound communication to the workload it is attached to. By +default, Istio will program all sidecar proxies in the mesh with the +necessary configuration required to reach every workload in the mesh, as +well as accept traffic on all the ports associated with the +workload. The Sidecar resource provides a way to fine tune the set of +ports, protocols that the proxy will accept when forwarding traffic to +and from the workload. In addition, it is possible to restrict the set +of services that the proxy can reach when forwarding outbound traffic +from the workload.

Services and configuration in a mesh are organized into one or more namespaces (e.g., a Kubernetes namespace or a CF org/space). A Sidecar -resource in a namespace will apply to all workloads selected using the -workloadSelector. In the absence of a workloadSelector, it will apply to -all workloads in the namespace. When determining the Sidecar resource to -be applied to a workload, preference will be given to the resource with -a workloadSelector that selects this workload, over a Sidecar resource +resource in a namespace will apply to one or more workloads in the same +namespace, selected using the workloadSelector. In the absence of a +workloadSelector, it will apply to all workloads in the same +namespace. When determining the Sidecar resource to be applied to a +workload, preference will be given to the resource with a +workloadSelector that selects this workload, over a Sidecar resource without any workloadSelector.

NOTE: Each namespace can have only one Sidecar resource without any @@ -3725,9 +3652,8 @@

Sidecar

with a workload selector select the same workload.

The example below delcares a Sidecar resource in the prod-us1 namespace -that configures the sidecar to allow egress traffic to services in the -prod-us1 and prod-apis namespaces, and the policy and telemetry service -(if enabled) in the istio-system namespace.

+that configures the sidecar to allow egress traffic to public services +in the prod-us1, prod-apis, and the istio-system namespaces.

apiVersion: networking.istio.io/v1alpha3
 kind: Sidecar
@@ -3753,7 +3679,7 @@ 
Sidecar
- +
NameDescription
DEFAULT -

The default capture mode defined by the environment

- -
IPTABLES -

Capture traffic using IPtables redirection

- -
NONE -

No traffic capture. When used in egress listener, the application is -expected to explicitly communicate with the listener port/unix -domain socket. When used in ingress listener, care needs to be taken -to ensure that the listener port is not in use by other processes on -the host.

-
Port

REQUIRED: The Port on which the proxy should listen for incoming -connections

- -
bindstring -

The IP address to which the listener should be bound.

+connections. If using unix domain socket, use 0 as the port number, +with a valid protocol and port name, along with the bind parameter.
defaultEndpoint string -

The IP endpoint or unix domain socket to which traffic should be -forwarded to by default. In the context of an ingress server, this -configuration can be used to redirect traffic arriving at the bind -point on the sidecar to a port or unix domain socket where the -application workload is listening for connections. Format should be -127.0.0.1:PORT or unix:///path/to/socket

+

The loopback IP endpoint or unix domain socket to which traffic should +be forwarded to by default. Format should be 127.0.0.1:PORT or +unix:///path/to/socket or unix://@foobar (Linux abstract namespace).
egressIstioListener[]IstioEgressListener[]

Egress specifies the configuration of the sidecar for processing outbound traffic from the attached workload to other services in the diff --git a/networking/v1alpha3/sidecar.pb.go b/networking/v1alpha3/sidecar.pb.go index 88e2e3a951..6c4e074c0f 100644 --- a/networking/v1alpha3/sidecar.pb.go +++ b/networking/v1alpha3/sidecar.pb.go @@ -43,59 +43,59 @@ func (x ConfigScope) String() string { } func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{0} } +// $hide_from_docs // CaptureMode describes how traffic to a listener is expected to be // captured. Applicable only when the listener is bound to an IP. -type IstioListener_CaptureMode int32 +type CaptureMode int32 const ( // The default capture mode defined by the environment - IstioListener_DEFAULT IstioListener_CaptureMode = 0 + CaptureMode_DEFAULT CaptureMode = 0 // Capture traffic using IPtables redirection - IstioListener_IPTABLES IstioListener_CaptureMode = 1 + CaptureMode_IPTABLES CaptureMode = 1 // No traffic capture. When used in egress listener, the application is // expected to explicitly communicate with the listener port/unix // domain socket. When used in ingress listener, care needs to be taken // to ensure that the listener port is not in use by other processes on // the host. - IstioListener_NONE IstioListener_CaptureMode = 2 + CaptureMode_NONE CaptureMode = 2 ) -var IstioListener_CaptureMode_name = map[int32]string{ +var CaptureMode_name = map[int32]string{ 0: "DEFAULT", 1: "IPTABLES", 2: "NONE", } -var IstioListener_CaptureMode_value = map[string]int32{ +var CaptureMode_value = map[string]int32{ "DEFAULT": 0, "IPTABLES": 1, "NONE": 2, } -func (x IstioListener_CaptureMode) String() string { - return proto.EnumName(IstioListener_CaptureMode_name, int32(x)) -} -func (IstioListener_CaptureMode) EnumDescriptor() ([]byte, []int) { - return fileDescriptorSidecar, []int{1, 0} +func (x CaptureMode) String() string { + return proto.EnumName(CaptureMode_name, int32(x)) } +func (CaptureMode) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{1} } -// `Sidecar` describes the describes the configuration of the sidecar proxy -// that mediates inbound and outbound communication to the workload it is -// attached to. By default, Istio will program all sidecar proxies in the -// mesh with the necessary configuration required to reach every workload -// in the mesh, as well as accept traffic on all the ports associated with -// the workload. The Sidecar resource provides a way to fine tune the set -// of ports, protocols that the proxy will accept when forwarding traffic -// to and from the workload. In addition, it is possible to restrict the -// set of services that the proxy can reach when forwarding outbound -// traffic from the workload. +// `Sidecar` describes the configuration of the sidecar proxy that mediates +// inbound and outbound communication to the workload it is attached to. By +// default, Istio will program all sidecar proxies in the mesh with the +// necessary configuration required to reach every workload in the mesh, as +// well as accept traffic on all the ports associated with the +// workload. The Sidecar resource provides a way to fine tune the set of +// ports, protocols that the proxy will accept when forwarding traffic to +// and from the workload. In addition, it is possible to restrict the set +// of services that the proxy can reach when forwarding outbound traffic +// from the workload. // // Services and configuration in a mesh are organized into one or more // namespaces (e.g., a Kubernetes namespace or a CF org/space). A Sidecar -// resource in a namespace will apply to all workloads selected using the -// workloadSelector. In the absence of a workloadSelector, it will apply to -// all workloads in the namespace. When determining the Sidecar resource to -// be applied to a workload, preference will be given to the resource with -// a workloadSelector that selects this workload, over a Sidecar resource +// resource in a namespace will apply to one or more workloads in the same +// namespace, selected using the workloadSelector. In the absence of a +// workloadSelector, it will apply to all workloads in the same +// namespace. When determining the Sidecar resource to be applied to a +// workload, preference will be given to the resource with a +// workloadSelector that selects this workload, over a Sidecar resource // without any workloadSelector. // // NOTE: *_Each namespace can have only one Sidecar resource without any @@ -105,9 +105,8 @@ func (IstioListener_CaptureMode) EnumDescriptor() ([]byte, []int) { // with a workload selector select the same workload. // // The example below delcares a Sidecar resource in the prod-us1 namespace -// that configures the sidecar to allow egress traffic to services in the -// prod-us1 and prod-apis namespaces, and the policy and telemetry service -// (if enabled) in the istio-system namespace. +// that configures the sidecar to allow egress traffic to public services +// in the prod-us1, prod-apis, and the istio-system namespaces. // // ```yaml // apiVersion: networking.istio.io/v1alpha3 @@ -136,12 +135,12 @@ type Sidecar struct { // autoconfigure the sidecar based on the information about the workload // obtained from the orchestration platform (e.g., exposed ports, services, // etc.). - Ingress []*IstioListener `protobuf:"bytes,2,rep,name=ingress" json:"ingress,omitempty"` + Ingress []*IstioIngressListener `protobuf:"bytes,2,rep,name=ingress" json:"ingress,omitempty"` // Egress specifies the configuration of the sidecar for processing // outbound traffic from the attached workload to other services in the // mesh. If omitted, Istio will autoconfigure the sidecar to be able to // reach every service in the mesh that is visible to this namespace. - Egress []*IstioListener `protobuf:"bytes,3,rep,name=egress" json:"egress,omitempty"` + Egress []*IstioEgressListener `protobuf:"bytes,3,rep,name=egress" json:"egress,omitempty"` } func (m *Sidecar) Reset() { *m = Sidecar{} } @@ -156,37 +155,92 @@ func (m *Sidecar) GetWorkloadSelector() *WorkloadSelector { return nil } -func (m *Sidecar) GetIngress() []*IstioListener { +func (m *Sidecar) GetIngress() []*IstioIngressListener { if m != nil { return m.Ingress } return nil } -func (m *Sidecar) GetEgress() []*IstioListener { +func (m *Sidecar) GetEgress() []*IstioEgressListener { if m != nil { return m.Egress } return nil } -// IstioListener specifies the properties of a single listener on the -// sidecar proxy attached to a workload. -type IstioListener struct { - // An optional arbitrary name associated with the listener used for - // emitting metrics. - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - // $hide_from_docs - // REQUIRED for ingress. The port associated with the listener. If using +// $hide_from_docs +// IstioIngressListener specifies the properties of an inbound +// traffic listener on the sidecar proxy attached to a workload. +type IstioIngressListener struct { + // REQUIRED. The port associated with the listener. If using // unix domain socket, use 0 as the port number, with a valid - // protocol. In the egress path, the port if specified, will be used as - // the default destination port associated with the imported hosts. If - // the port is omitted, Istio will infer the listener ports based on the - // imported hosts. Note that when multiple egress listeners are - // specified, where one or more listeners have specific ports while - // others have no port, the hosts exposed on a listener port will be - // based on the listener with the most specific port. - Port *Port `protobuf:"bytes,2,opt,name=port" json:"port,omitempty"` + // protocol. + Port *Port `protobuf:"bytes,1,opt,name=port" json:"port,omitempty"` + // The ip or the unix domain socket to which the listener should be bound + // to. Format: x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux + // abstract namespace). If omitted, Istio will autoconfigure the defaults + // based on imported services and the workload to which this + // configuration is applied to. + Bind string `protobuf:"bytes,2,opt,name=bind,proto3" json:"bind,omitempty"` + // When the bind address is an IP, the captureMode option dictates + // how traffic to the listener is expected to be captured (or not). + CaptureMode CaptureMode `protobuf:"varint,3,opt,name=capture_mode,json=captureMode,proto3,enum=istio.networking.v1alpha3.CaptureMode" json:"capture_mode,omitempty"` + // The loopback IP endpoint or unix domain socket to which traffic should + // be forwarded to by default. This configuration can be used to redirect + // traffic arriving at the bind point on the sidecar to a port or unix + // domain socket where the application workload is listening for + // connections. Format should be 127.0.0.1:PORT or unix:///path/to/socket + DefaultEndpoint string `protobuf:"bytes,4,opt,name=default_endpoint,json=defaultEndpoint,proto3" json:"default_endpoint,omitempty"` +} + +func (m *IstioIngressListener) Reset() { *m = IstioIngressListener{} } +func (m *IstioIngressListener) String() string { return proto.CompactTextString(m) } +func (*IstioIngressListener) ProtoMessage() {} +func (*IstioIngressListener) Descriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{1} } + +func (m *IstioIngressListener) GetPort() *Port { + if m != nil { + return m.Port + } + return nil +} + +func (m *IstioIngressListener) GetBind() string { + if m != nil { + return m.Bind + } + return "" +} + +func (m *IstioIngressListener) GetCaptureMode() CaptureMode { + if m != nil { + return m.CaptureMode + } + return CaptureMode_DEFAULT +} + +func (m *IstioIngressListener) GetDefaultEndpoint() string { + if m != nil { + return m.DefaultEndpoint + } + return "" +} + +// IstioEgressListener specifies the properties of an outbound traffic +// listener on the sidecar proxy attached to a workload. +type IstioEgressListener struct { + // $hide_from_docs + // The port associated with the listener. If using unix domain socket, + // use 0 as the port number, with a valid protocol. The port if + // specified, will be used as the default destination port associated + // with the imported hosts. If the port is omitted, Istio will infer the + // listener ports based on the imported hosts. Note that when multiple + // egress listeners are specified, where one or more listeners have + // specific ports while others have no port, the hosts exposed on a + // listener port will be based on the listener with the most specific + // port. + Port *Port `protobuf:"bytes,1,opt,name=port" json:"port,omitempty"` // $hide_from_docs // The ip or the unix domain socket to which the listener should be bound // to. Port MUST be specified if bind is not empty. Format: @@ -194,19 +248,18 @@ type IstioListener struct { // namespace). If omitted, Istio will autoconfigure the defaults based on // imported services and the workload to which this configuration is // applied to. - Bind string `protobuf:"bytes,3,opt,name=bind,proto3" json:"bind,omitempty"` + Bind string `protobuf:"bytes,2,opt,name=bind,proto3" json:"bind,omitempty"` // When the bind address is an IP, the captureMode option dictates // how traffic to the listener is expected to be captured (or not). - CaptureMode IstioListener_CaptureMode `protobuf:"varint,4,opt,name=capture_mode,json=captureMode,proto3,enum=istio.networking.v1alpha3.IstioListener_CaptureMode" json:"capture_mode,omitempty"` + CaptureMode CaptureMode `protobuf:"varint,3,opt,name=capture_mode,json=captureMode,proto3,enum=istio.networking.v1alpha3.CaptureMode" json:"capture_mode,omitempty"` // One or more services/virtualServices exposed by the listener in - // namespace/dnsName format. _*Hosts will be ignored for ingress - // servers*_. For egress servers, the hosts field results in importing - // one or more publicly scoped services and VirtualServices from remote - // namespaces. The service in a namespace can be a service in the service - // registry (e.g., a kubernetes or cloud foundry service) or a service - // specified via ServiceEntry configuration. In addition, any publicly - // scoped DestinationRule associated with the imported services will also - // be imported. + // namespace/dnsName format. Publicly scoped services and + // VirtualServices from remote namespaces corresponding to the specified + // hosts will be imported. The service in a namespace can be a service in + // the service registry (e.g., a kubernetes or cloud foundry service) or + // a service specified via ServiceEntry configuration. In addition, any + // publicly scoped DestinationRule associated with the imported services + // will also be imported. // // Set the namespace to * to import a particular service from any // available namespace (e.g., "*/foo.example.com"). Set the dnsName field @@ -217,63 +270,42 @@ type IstioListener struct { // namespace can be imported. Private services/configuration will not be // imported. Refer to the scope setting associated with VirtualService, // DestinationRule, ServiceEntry, etc. for details. - Hosts []string `protobuf:"bytes,5,rep,name=hosts" json:"hosts,omitempty"` - // The IP endpoint or unix domain socket to which traffic should be - // forwarded to by default. In the context of an ingress server, this - // configuration can be used to redirect traffic arriving at the bind - // point on the sidecar to a port or unix domain socket where the - // application workload is listening for connections. Format should be - // 127.0.0.1:PORT or unix:///path/to/socket - DefaultEndpoint string `protobuf:"bytes,6,opt,name=default_endpoint,json=defaultEndpoint,proto3" json:"default_endpoint,omitempty"` + Hosts []string `protobuf:"bytes,4,rep,name=hosts" json:"hosts,omitempty"` } -func (m *IstioListener) Reset() { *m = IstioListener{} } -func (m *IstioListener) String() string { return proto.CompactTextString(m) } -func (*IstioListener) ProtoMessage() {} -func (*IstioListener) Descriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{1} } +func (m *IstioEgressListener) Reset() { *m = IstioEgressListener{} } +func (m *IstioEgressListener) String() string { return proto.CompactTextString(m) } +func (*IstioEgressListener) ProtoMessage() {} +func (*IstioEgressListener) Descriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{2} } -func (m *IstioListener) GetName() string { - if m != nil { - return m.Name - } - return "" -} - -func (m *IstioListener) GetPort() *Port { +func (m *IstioEgressListener) GetPort() *Port { if m != nil { return m.Port } return nil } -func (m *IstioListener) GetBind() string { +func (m *IstioEgressListener) GetBind() string { if m != nil { return m.Bind } return "" } -func (m *IstioListener) GetCaptureMode() IstioListener_CaptureMode { +func (m *IstioEgressListener) GetCaptureMode() CaptureMode { if m != nil { return m.CaptureMode } - return IstioListener_DEFAULT + return CaptureMode_DEFAULT } -func (m *IstioListener) GetHosts() []string { +func (m *IstioEgressListener) GetHosts() []string { if m != nil { return m.Hosts } return nil } -func (m *IstioListener) GetDefaultEndpoint() string { - if m != nil { - return m.DefaultEndpoint - } - return "" -} - // WorkloadSelector specifies the criteria used to determine if the Gateway // or Sidecar resource can be applied to a proxy. The matching criteria // includes the metadata associated with a proxy, workload info such as @@ -292,7 +324,7 @@ type WorkloadSelector struct { func (m *WorkloadSelector) Reset() { *m = WorkloadSelector{} } func (m *WorkloadSelector) String() string { return proto.CompactTextString(m) } func (*WorkloadSelector) ProtoMessage() {} -func (*WorkloadSelector) Descriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{2} } +func (*WorkloadSelector) Descriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{3} } func (m *WorkloadSelector) GetLabels() map[string]string { if m != nil { @@ -303,10 +335,11 @@ func (m *WorkloadSelector) GetLabels() map[string]string { func init() { proto.RegisterType((*Sidecar)(nil), "istio.networking.v1alpha3.Sidecar") - proto.RegisterType((*IstioListener)(nil), "istio.networking.v1alpha3.IstioListener") + proto.RegisterType((*IstioIngressListener)(nil), "istio.networking.v1alpha3.IstioIngressListener") + proto.RegisterType((*IstioEgressListener)(nil), "istio.networking.v1alpha3.IstioEgressListener") proto.RegisterType((*WorkloadSelector)(nil), "istio.networking.v1alpha3.WorkloadSelector") proto.RegisterEnum("istio.networking.v1alpha3.ConfigScope", ConfigScope_name, ConfigScope_value) - proto.RegisterEnum("istio.networking.v1alpha3.IstioListener_CaptureMode", IstioListener_CaptureMode_name, IstioListener_CaptureMode_value) + proto.RegisterEnum("istio.networking.v1alpha3.CaptureMode", CaptureMode_name, CaptureMode_value) } func (m *Sidecar) Marshal() (dAtA []byte, err error) { size := m.Size() @@ -360,7 +393,7 @@ func (m *Sidecar) MarshalTo(dAtA []byte) (int, error) { return i, nil } -func (m *IstioListener) Marshal() (dAtA []byte, err error) { +func (m *IstioIngressListener) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) n, err := m.MarshalTo(dAtA) @@ -370,41 +403,80 @@ func (m *IstioListener) Marshal() (dAtA []byte, err error) { return dAtA[:n], nil } -func (m *IstioListener) MarshalTo(dAtA []byte) (int, error) { +func (m *IstioIngressListener) MarshalTo(dAtA []byte) (int, error) { var i int _ = i var l int _ = l - if len(m.Name) > 0 { + if m.Port != nil { dAtA[i] = 0xa i++ - i = encodeVarintSidecar(dAtA, i, uint64(len(m.Name))) - i += copy(dAtA[i:], m.Name) + i = encodeVarintSidecar(dAtA, i, uint64(m.Port.Size())) + n2, err := m.Port.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n2 } - if m.Port != nil { + if len(m.Bind) > 0 { dAtA[i] = 0x12 i++ + i = encodeVarintSidecar(dAtA, i, uint64(len(m.Bind))) + i += copy(dAtA[i:], m.Bind) + } + if m.CaptureMode != 0 { + dAtA[i] = 0x18 + i++ + i = encodeVarintSidecar(dAtA, i, uint64(m.CaptureMode)) + } + if len(m.DefaultEndpoint) > 0 { + dAtA[i] = 0x22 + i++ + i = encodeVarintSidecar(dAtA, i, uint64(len(m.DefaultEndpoint))) + i += copy(dAtA[i:], m.DefaultEndpoint) + } + return i, nil +} + +func (m *IstioEgressListener) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *IstioEgressListener) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if m.Port != nil { + dAtA[i] = 0xa + i++ i = encodeVarintSidecar(dAtA, i, uint64(m.Port.Size())) - n2, err := m.Port.MarshalTo(dAtA[i:]) + n3, err := m.Port.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n2 + i += n3 } if len(m.Bind) > 0 { - dAtA[i] = 0x1a + dAtA[i] = 0x12 i++ i = encodeVarintSidecar(dAtA, i, uint64(len(m.Bind))) i += copy(dAtA[i:], m.Bind) } if m.CaptureMode != 0 { - dAtA[i] = 0x20 + dAtA[i] = 0x18 i++ i = encodeVarintSidecar(dAtA, i, uint64(m.CaptureMode)) } if len(m.Hosts) > 0 { for _, s := range m.Hosts { - dAtA[i] = 0x2a + dAtA[i] = 0x22 i++ l = len(s) for l >= 1<<7 { @@ -417,12 +489,6 @@ func (m *IstioListener) MarshalTo(dAtA []byte) (int, error) { i += copy(dAtA[i:], s) } } - if len(m.DefaultEndpoint) > 0 { - dAtA[i] = 0x32 - i++ - i = encodeVarintSidecar(dAtA, i, uint64(len(m.DefaultEndpoint))) - i += copy(dAtA[i:], m.DefaultEndpoint) - } return i, nil } @@ -492,13 +558,30 @@ func (m *Sidecar) Size() (n int) { return n } -func (m *IstioListener) Size() (n int) { +func (m *IstioIngressListener) Size() (n int) { var l int _ = l - l = len(m.Name) + if m.Port != nil { + l = m.Port.Size() + n += 1 + l + sovSidecar(uint64(l)) + } + l = len(m.Bind) if l > 0 { n += 1 + l + sovSidecar(uint64(l)) } + if m.CaptureMode != 0 { + n += 1 + sovSidecar(uint64(m.CaptureMode)) + } + l = len(m.DefaultEndpoint) + if l > 0 { + n += 1 + l + sovSidecar(uint64(l)) + } + return n +} + +func (m *IstioEgressListener) Size() (n int) { + var l int + _ = l if m.Port != nil { l = m.Port.Size() n += 1 + l + sovSidecar(uint64(l)) @@ -516,10 +599,6 @@ func (m *IstioListener) Size() (n int) { n += 1 + l + sovSidecar(uint64(l)) } } - l = len(m.DefaultEndpoint) - if l > 0 { - n += 1 + l + sovSidecar(uint64(l)) - } return n } @@ -638,7 +717,7 @@ func (m *Sidecar) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.Ingress = append(m.Ingress, &IstioListener{}) + m.Ingress = append(m.Ingress, &IstioIngressListener{}) if err := m.Ingress[len(m.Ingress)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } @@ -669,7 +748,7 @@ func (m *Sidecar) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.Egress = append(m.Egress, &IstioListener{}) + m.Egress = append(m.Egress, &IstioEgressListener{}) if err := m.Egress[len(m.Egress)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } @@ -695,7 +774,7 @@ func (m *Sidecar) Unmarshal(dAtA []byte) error { } return nil } -func (m *IstioListener) Unmarshal(dAtA []byte) error { +func (m *IstioIngressListener) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 for iNdEx < l { @@ -718,17 +797,17 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { fieldNum := int32(wire >> 3) wireType := int(wire & 0x7) if wireType == 4 { - return fmt.Errorf("proto: IstioListener: wiretype end group for non-group") + return fmt.Errorf("proto: IstioIngressListener: wiretype end group for non-group") } if fieldNum <= 0 { - return fmt.Errorf("proto: IstioListener: illegal tag %d (wire type %d)", fieldNum, wire) + return fmt.Errorf("proto: IstioIngressListener: illegal tag %d (wire type %d)", fieldNum, wire) } switch fieldNum { case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType) } - var stringLen uint64 + var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowSidecar @@ -738,26 +817,30 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - stringLen |= (uint64(b) & 0x7F) << shift + msglen |= (int(b) & 0x7F) << shift if b < 0x80 { break } } - intStringLen := int(stringLen) - if intStringLen < 0 { + if msglen < 0 { return ErrInvalidLengthSidecar } - postIndex := iNdEx + intStringLen + postIndex := iNdEx + msglen if postIndex > l { return io.ErrUnexpectedEOF } - m.Name = string(dAtA[iNdEx:postIndex]) + if m.Port == nil { + m.Port = &Port{} + } + if err := m.Port.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } iNdEx = postIndex case 2: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Bind", wireType) } - var msglen int + var stringLen uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowSidecar @@ -767,28 +850,43 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - msglen |= (int(b) & 0x7F) << shift + stringLen |= (uint64(b) & 0x7F) << shift if b < 0x80 { break } } - if msglen < 0 { + intStringLen := int(stringLen) + if intStringLen < 0 { return ErrInvalidLengthSidecar } - postIndex := iNdEx + msglen + postIndex := iNdEx + intStringLen if postIndex > l { return io.ErrUnexpectedEOF } - if m.Port == nil { - m.Port = &Port{} - } - if err := m.Port.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } + m.Bind = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex case 3: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field CaptureMode", wireType) + } + m.CaptureMode = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowSidecar + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.CaptureMode |= (CaptureMode(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + case 4: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Bind", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field DefaultEndpoint", wireType) } var stringLen uint64 for shift := uint(0); ; shift += 7 { @@ -813,13 +911,63 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.Bind = string(dAtA[iNdEx:postIndex]) + m.DefaultEndpoint = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 4: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field CaptureMode", wireType) + default: + iNdEx = preIndex + skippy, err := skipSidecar(dAtA[iNdEx:]) + if err != nil { + return err } - m.CaptureMode = 0 + if skippy < 0 { + return ErrInvalidLengthSidecar + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *IstioEgressListener) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowSidecar + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: IstioEgressListener: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: IstioEgressListener: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType) + } + var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowSidecar @@ -829,14 +977,28 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.CaptureMode |= (IstioListener_CaptureMode(b) & 0x7F) << shift + msglen |= (int(b) & 0x7F) << shift if b < 0x80 { break } } - case 5: + if msglen < 0 { + return ErrInvalidLengthSidecar + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Port == nil { + m.Port = &Port{} + } + if err := m.Port.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Hosts", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Bind", wireType) } var stringLen uint64 for shift := uint(0); ; shift += 7 { @@ -861,11 +1023,30 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.Hosts = append(m.Hosts, string(dAtA[iNdEx:postIndex])) + m.Bind = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 6: + case 3: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field CaptureMode", wireType) + } + m.CaptureMode = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowSidecar + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.CaptureMode |= (CaptureMode(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + case 4: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field DefaultEndpoint", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Hosts", wireType) } var stringLen uint64 for shift := uint(0); ; shift += 7 { @@ -890,7 +1071,7 @@ func (m *IstioListener) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.DefaultEndpoint = string(dAtA[iNdEx:postIndex]) + m.Hosts = append(m.Hosts, string(dAtA[iNdEx:postIndex])) iNdEx = postIndex default: iNdEx = preIndex @@ -1189,36 +1370,36 @@ var ( func init() { proto.RegisterFile("networking/v1alpha3/sidecar.proto", fileDescriptorSidecar) } var fileDescriptorSidecar = []byte{ - // 490 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x93, 0xcd, 0x6e, 0xd3, 0x40, - 0x10, 0xc7, 0xbb, 0x76, 0xea, 0x34, 0xe3, 0x02, 0x66, 0xc5, 0xc1, 0xf4, 0x10, 0x4c, 0x0e, 0xc8, - 0x80, 0xe4, 0x88, 0x04, 0x89, 0x8f, 0x13, 0x49, 0x30, 0x52, 0x24, 0xd3, 0x46, 0x4e, 0x4a, 0x11, - 0x97, 0x68, 0x63, 0x6f, 0xd3, 0x55, 0xdd, 0x5d, 0x6b, 0xbd, 0x69, 0x94, 0x97, 0xe1, 0x41, 0x78, - 0x02, 0x8e, 0x3c, 0x02, 0xca, 0x8d, 0xb7, 0x40, 0xfe, 0xa8, 0x5a, 0xaa, 0x52, 0x35, 0xb7, 0x99, - 0xd9, 0xf9, 0xff, 0x76, 0x46, 0xff, 0x5d, 0x78, 0xca, 0xa9, 0x5a, 0x0a, 0x79, 0xca, 0xf8, 0xbc, - 0x7d, 0xfe, 0x8a, 0x24, 0xe9, 0x09, 0xe9, 0xb6, 0x33, 0x16, 0xd3, 0x88, 0x48, 0x2f, 0x95, 0x42, - 0x09, 0xfc, 0x98, 0x65, 0x8a, 0x09, 0xef, 0xb2, 0xd1, 0xbb, 0x68, 0xdc, 0xbb, 0x51, 0x3d, 0x27, - 0x8a, 0x2e, 0xc9, 0xaa, 0x54, 0xb7, 0xfe, 0x20, 0xa8, 0x8f, 0x4b, 0x1e, 0xfe, 0x0a, 0x0f, 0xf3, - 0xee, 0x44, 0x90, 0x78, 0x9a, 0xd1, 0x84, 0x46, 0x4a, 0x48, 0x1b, 0x39, 0xc8, 0x35, 0x3b, 0x2f, - 0xbd, 0xff, 0xde, 0xe2, 0x1d, 0x55, 0x9a, 0x71, 0x25, 0x09, 0xad, 0xe5, 0xb5, 0x0a, 0xee, 0x43, - 0x9d, 0xf1, 0xb9, 0xa4, 0x59, 0x66, 0x6b, 0x8e, 0xee, 0x9a, 0x1d, 0xf7, 0x16, 0xde, 0x30, 0x3f, - 0x09, 0x58, 0xa6, 0x28, 0xa7, 0x32, 0xbc, 0x10, 0xe2, 0x0f, 0x60, 0xd0, 0x12, 0xa1, 0x6f, 0x88, - 0xa8, 0x74, 0xad, 0x1f, 0x1a, 0xdc, 0xfb, 0xe7, 0x04, 0x63, 0xa8, 0x71, 0x72, 0x46, 0x8b, 0x25, - 0x1b, 0x61, 0x11, 0xe3, 0x2e, 0xd4, 0x52, 0x21, 0x95, 0xad, 0x15, 0x8b, 0x3f, 0xb9, 0xe5, 0x96, - 0x91, 0x90, 0x2a, 0x2c, 0x9a, 0x73, 0xd0, 0x8c, 0xf1, 0xd8, 0xd6, 0x4b, 0x50, 0x1e, 0xe3, 0x23, - 0xd8, 0x8d, 0x48, 0xaa, 0x16, 0x92, 0x4e, 0xcf, 0x44, 0x4c, 0xed, 0x9a, 0x83, 0xdc, 0xfb, 0x9d, - 0xd7, 0x77, 0x1d, 0xdb, 0x1b, 0x94, 0xe2, 0xcf, 0x22, 0xa6, 0xa1, 0x19, 0x5d, 0x26, 0xf8, 0x11, - 0x6c, 0x9f, 0x88, 0x4c, 0x65, 0xf6, 0xb6, 0xa3, 0xbb, 0x8d, 0xb0, 0x4c, 0xf0, 0x73, 0xb0, 0x62, - 0x7a, 0x4c, 0x16, 0x89, 0x9a, 0x52, 0x1e, 0xa7, 0x82, 0x71, 0x65, 0x1b, 0xc5, 0x38, 0x0f, 0xaa, - 0xba, 0x5f, 0x95, 0x5b, 0x1d, 0x30, 0xaf, 0xc0, 0xb1, 0x09, 0xf5, 0x8f, 0xfe, 0xa7, 0xde, 0x61, - 0x30, 0xb1, 0xb6, 0xf0, 0x2e, 0xec, 0x0c, 0x47, 0x93, 0x5e, 0x3f, 0xf0, 0xc7, 0x16, 0xc2, 0x3b, - 0x50, 0xdb, 0x3f, 0xd8, 0xf7, 0x2d, 0xad, 0xf5, 0x1d, 0x81, 0x75, 0xdd, 0x69, 0x7c, 0x00, 0x46, - 0x42, 0x66, 0x34, 0xc9, 0x6c, 0x54, 0x78, 0xf2, 0x66, 0x83, 0x67, 0xe2, 0x05, 0x85, 0xd2, 0xe7, - 0x4a, 0xae, 0xc2, 0x0a, 0xb3, 0xf7, 0x0e, 0xcc, 0x2b, 0x65, 0x6c, 0x81, 0x7e, 0x4a, 0x57, 0x95, - 0x3d, 0x79, 0x98, 0xef, 0x7e, 0x4e, 0x92, 0x05, 0x2d, 0xec, 0x69, 0x84, 0x65, 0xf2, 0x5e, 0x7b, - 0x8b, 0x5e, 0x3c, 0x03, 0x73, 0x20, 0xf8, 0x31, 0x9b, 0x8f, 0x23, 0x91, 0x52, 0x0c, 0x60, 0x8c, - 0x0e, 0xfb, 0xc1, 0x70, 0x60, 0x6d, 0xe5, 0x0b, 0x8e, 0xc2, 0xe1, 0x97, 0xde, 0xc4, 0xb7, 0x50, - 0xdf, 0xfb, 0xb9, 0x6e, 0xa2, 0x5f, 0xeb, 0x26, 0xfa, 0xbd, 0x6e, 0xa2, 0x6f, 0x4e, 0x39, 0x30, - 0x13, 0x6d, 0x92, 0xb2, 0xf6, 0x0d, 0xff, 0x65, 0x66, 0x14, 0x1f, 0xa5, 0xfb, 0x37, 0x00, 0x00, - 0xff, 0xff, 0x02, 0x6b, 0xfb, 0xb2, 0x8b, 0x03, 0x00, 0x00, + // 496 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x93, 0x3f, 0x6f, 0xd3, 0x40, + 0x18, 0xc6, 0x7b, 0xb1, 0x49, 0x9a, 0xd7, 0x15, 0x98, 0xa3, 0x83, 0xe9, 0x10, 0x4c, 0x86, 0xca, + 0x14, 0xc9, 0x16, 0xc9, 0xc0, 0x9f, 0x2d, 0x09, 0xae, 0x64, 0xc9, 0xb4, 0x91, 0x93, 0x02, 0x62, + 0x89, 0x2e, 0xf6, 0x35, 0x3d, 0xd5, 0xf8, 0xac, 0xf3, 0xa5, 0x51, 0xbe, 0x0c, 0x5f, 0x85, 0x95, + 0x91, 0x85, 0x1d, 0xe5, 0x43, 0x30, 0x23, 0xff, 0xa9, 0x5a, 0xa2, 0x10, 0xc4, 0xd6, 0xed, 0xde, + 0xf7, 0x9e, 0xe7, 0xf7, 0xfa, 0xf1, 0xdd, 0xc1, 0xd3, 0x84, 0xca, 0x05, 0x17, 0x97, 0x2c, 0x99, + 0x39, 0x57, 0x2f, 0x48, 0x9c, 0x5e, 0x90, 0xae, 0x93, 0xb1, 0x88, 0x86, 0x44, 0xd8, 0xa9, 0xe0, + 0x92, 0xe3, 0xc7, 0x2c, 0x93, 0x8c, 0xdb, 0x37, 0x42, 0xfb, 0x5a, 0x78, 0xb0, 0xd1, 0x3d, 0x23, + 0x92, 0x2e, 0xc8, 0xb2, 0x74, 0xb7, 0x7f, 0x21, 0x68, 0x8c, 0x4a, 0x1e, 0xfe, 0x08, 0x0f, 0x73, + 0x75, 0xcc, 0x49, 0x34, 0xc9, 0x68, 0x4c, 0x43, 0xc9, 0x85, 0x81, 0x4c, 0x64, 0x69, 0x9d, 0xe7, + 0xf6, 0x5f, 0xa7, 0xd8, 0x1f, 0x2a, 0xcf, 0xa8, 0xb2, 0x04, 0xfa, 0x62, 0xad, 0x83, 0x3d, 0x68, + 0xb0, 0x64, 0x26, 0x68, 0x96, 0x19, 0x35, 0x53, 0xb1, 0xb4, 0x8e, 0xb3, 0x85, 0xe7, 0xe5, 0x3b, + 0x5e, 0x29, 0xf7, 0x59, 0x26, 0x69, 0x42, 0x45, 0x70, 0xed, 0xc7, 0xc7, 0x50, 0xa7, 0x25, 0x49, + 0x29, 0x48, 0xf6, 0xbf, 0x48, 0xee, 0x9f, 0xa0, 0xca, 0xdd, 0xfe, 0x81, 0x60, 0x7f, 0xd3, 0x24, + 0xdc, 0x05, 0x35, 0xe5, 0x42, 0x56, 0xc1, 0x9f, 0x6c, 0xc1, 0x0f, 0xb9, 0x90, 0x41, 0x21, 0xc6, + 0x18, 0xd4, 0x29, 0x4b, 0x22, 0xa3, 0x66, 0x22, 0xab, 0x19, 0x14, 0x6b, 0xec, 0xc1, 0x5e, 0x48, + 0x52, 0x39, 0x17, 0x74, 0xf2, 0x99, 0x47, 0xd4, 0x50, 0x4c, 0x64, 0xdd, 0xef, 0x1c, 0x6e, 0x01, + 0x0e, 0x4a, 0xf9, 0x3b, 0x1e, 0xd1, 0x40, 0x0b, 0x6f, 0x0a, 0xfc, 0x0c, 0xf4, 0x88, 0x9e, 0x93, + 0x79, 0x2c, 0x27, 0x34, 0x89, 0x52, 0xce, 0x12, 0x69, 0xa8, 0xc5, 0xa8, 0x07, 0x55, 0xdf, 0xad, + 0xda, 0xed, 0xaf, 0x08, 0x1e, 0x6d, 0xc8, 0x7d, 0x27, 0x63, 0xed, 0xc3, 0xbd, 0x0b, 0x9e, 0xc9, + 0xcc, 0x50, 0x4d, 0xc5, 0x6a, 0x06, 0x65, 0xd1, 0xfe, 0x82, 0x40, 0x5f, 0xbf, 0x53, 0xf8, 0x14, + 0xea, 0x31, 0x99, 0xd2, 0x38, 0x33, 0x50, 0x71, 0xec, 0x2f, 0xff, 0xe3, 0x42, 0xda, 0x7e, 0xe1, + 0x74, 0x13, 0x29, 0x96, 0x41, 0x85, 0x39, 0x78, 0x0d, 0xda, 0xad, 0x36, 0xd6, 0x41, 0xb9, 0xa4, + 0xcb, 0xe2, 0xef, 0x34, 0x83, 0x7c, 0x99, 0x7f, 0xdc, 0x15, 0x89, 0xe7, 0xb4, 0x0a, 0x5f, 0x16, + 0x6f, 0x6a, 0xaf, 0xd0, 0xd1, 0x21, 0x68, 0x03, 0x9e, 0x9c, 0xb3, 0xd9, 0x28, 0xe4, 0x29, 0xc5, + 0x00, 0xf5, 0xe1, 0x59, 0xdf, 0xf7, 0x06, 0xfa, 0x0e, 0xd6, 0xa0, 0x31, 0x0c, 0xbc, 0xf7, 0xbd, + 0xb1, 0xab, 0xa3, 0xa3, 0x0e, 0x68, 0xb7, 0xa2, 0xe7, 0x7b, 0x6f, 0xdd, 0xe3, 0xde, 0x99, 0x3f, + 0xd6, 0x77, 0xf0, 0x1e, 0xec, 0x7a, 0xc3, 0x71, 0xaf, 0xef, 0xbb, 0x23, 0x1d, 0xe1, 0x5d, 0x50, + 0x4f, 0x4e, 0x4f, 0x5c, 0xbd, 0xd6, 0xb7, 0xbf, 0xad, 0x5a, 0xe8, 0xfb, 0xaa, 0x85, 0x7e, 0xae, + 0x5a, 0xe8, 0x93, 0x59, 0x86, 0x64, 0xdc, 0x21, 0x29, 0x73, 0x36, 0xbc, 0xe6, 0x69, 0xbd, 0x78, + 0xc6, 0xdd, 0xdf, 0x01, 0x00, 0x00, 0xff, 0xff, 0x62, 0xef, 0x1c, 0x27, 0x29, 0x04, 0x00, 0x00, } diff --git a/networking/v1alpha3/sidecar.proto b/networking/v1alpha3/sidecar.proto index 433d5ff4b7..369b6be38c 100644 --- a/networking/v1alpha3/sidecar.proto +++ b/networking/v1alpha3/sidecar.proto @@ -20,25 +20,26 @@ package istio.networking.v1alpha3; option go_package = "istio.io/api/networking/v1alpha3"; -// `Sidecar` describes the describes the configuration of the sidecar proxy -// that mediates inbound and outbound communication to the workload it is -// attached to. By default, Istio will program all sidecar proxies in the -// mesh with the necessary configuration required to reach every workload -// in the mesh, as well as accept traffic on all the ports associated with -// the workload. The Sidecar resource provides a way to fine tune the set -// of ports, protocols that the proxy will accept when forwarding traffic -// to and from the workload. In addition, it is possible to restrict the -// set of services that the proxy can reach when forwarding outbound -// traffic from the workload. +// `Sidecar` describes the configuration of the sidecar proxy that mediates +// inbound and outbound communication to the workload it is attached to. By +// default, Istio will program all sidecar proxies in the mesh with the +// necessary configuration required to reach every workload in the mesh, as +// well as accept traffic on all the ports associated with the +// workload. The Sidecar resource provides a way to fine tune the set of +// ports, protocols that the proxy will accept when forwarding traffic to +// and from the workload. In addition, it is possible to restrict the set +// of services that the proxy can reach when forwarding outbound traffic +// from the workload. // // Services and configuration in a mesh are organized into one or more // namespaces (e.g., a Kubernetes namespace or a CF org/space). A Sidecar -// resource in a namespace will apply to all workloads selected using the -// workloadSelector. In the absence of a workloadSelector, it will apply to -// all workloads in the namespace. When determining the Sidecar resource to -// be applied to a workload, preference will be given to the resource with -// a workloadSelector that selects this workload, over a Sidecar resource -// without any workloadSelector. +// resource in a namespace will apply to one or more workloads in the same +// namespace, selected using the workloadSelector. In the absence of a +// workloadSelector, it will apply to all workloads in the same +// namespace. When determining the Sidecar resource to be applied to a +// workload, preference will be given to the resource with a +// workloadSelector that selects this workload, over a Sidecar resource +// without any workloadSelector. // // NOTE: *_Each namespace can have only one Sidecar resource without any // workload selector_*. The behavior of the system is undefined if more @@ -47,9 +48,8 @@ option go_package = "istio.io/api/networking/v1alpha3"; // with a workload selector select the same workload. // // The example below delcares a Sidecar resource in the prod-us1 namespace -// that configures the sidecar to allow egress traffic to services in the -// prod-us1 and prod-apis namespaces, and the policy and telemetry service -// (if enabled) in the istio-system namespace. +// that configures the sidecar to allow egress traffic to public services +// in the prod-us1, prod-apis, and the istio-system namespaces. // // ```yaml // apiVersion: networking.istio.io/v1alpha3 @@ -79,33 +79,57 @@ message Sidecar { // autoconfigure the sidecar based on the information about the workload // obtained from the orchestration platform (e.g., exposed ports, services, // etc.). - repeated IstioListener ingress = 2; + repeated IstioIngressListener ingress = 2; // Egress specifies the configuration of the sidecar for processing // outbound traffic from the attached workload to other services in the // mesh. If omitted, Istio will autoconfigure the sidecar to be able to // reach every service in the mesh that is visible to this namespace. - repeated IstioListener egress = 3; + repeated IstioEgressListener egress = 3; } -// IstioListener specifies the properties of a single listener on the -// sidecar proxy attached to a workload. -message IstioListener { - // An optional arbitrary name associated with the listener used for - // emitting metrics. - string name = 1; +// $hide_from_docs +// IstioIngressListener specifies the properties of an inbound +// traffic listener on the sidecar proxy attached to a workload. +message IstioIngressListener { + // REQUIRED. The port associated with the listener. If using + // unix domain socket, use 0 as the port number, with a valid + // protocol. + Port port = 1; + + // The ip or the unix domain socket to which the listener should be bound + // to. Format: x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux + // abstract namespace). If omitted, Istio will autoconfigure the defaults + // based on imported services and the workload to which this + // configuration is applied to. + string bind = 2; + + // When the bind address is an IP, the captureMode option dictates + // how traffic to the listener is expected to be captured (or not). + CaptureMode capture_mode = 3; + + // The loopback IP endpoint or unix domain socket to which traffic should + // be forwarded to by default. This configuration can be used to redirect + // traffic arriving at the bind point on the sidecar to a port or unix + // domain socket where the application workload is listening for + // connections. Format should be 127.0.0.1:PORT or unix:///path/to/socket + string default_endpoint = 4; +} +// IstioEgressListener specifies the properties of an outbound traffic +// listener on the sidecar proxy attached to a workload. +message IstioEgressListener { // $hide_from_docs - // REQUIRED for ingress. The port associated with the listener. If using - // unix domain socket, use 0 as the port number, with a valid - // protocol. In the egress path, the port if specified, will be used as - // the default destination port associated with the imported hosts. If - // the port is omitted, Istio will infer the listener ports based on the - // imported hosts. Note that when multiple egress listeners are - // specified, where one or more listeners have specific ports while - // others have no port, the hosts exposed on a listener port will be - // based on the listener with the most specific port. - Port port = 2; + // The port associated with the listener. If using unix domain socket, + // use 0 as the port number, with a valid protocol. The port if + // specified, will be used as the default destination port associated + // with the imported hosts. If the port is omitted, Istio will infer the + // listener ports based on the imported hosts. Note that when multiple + // egress listeners are specified, where one or more listeners have + // specific ports while others have no port, the hosts exposed on a + // listener port will be based on the listener with the most specific + // port. + Port port = 1; // $hide_from_docs // The ip or the unix domain socket to which the listener should be bound @@ -114,38 +138,20 @@ message IstioListener { // namespace). If omitted, Istio will autoconfigure the defaults based on // imported services and the workload to which this configuration is // applied to. - string bind = 3; - - // CaptureMode describes how traffic to a listener is expected to be - // captured. Applicable only when the listener is bound to an IP. - enum CaptureMode { - // The default capture mode defined by the environment - DEFAULT = 0; - - // Capture traffic using IPtables redirection - IPTABLES = 1; - - // No traffic capture. When used in egress listener, the application is - // expected to explicitly communicate with the listener port/unix - // domain socket. When used in ingress listener, care needs to be taken - // to ensure that the listener port is not in use by other processes on - // the host. - NONE = 2; - } + string bind = 2; // When the bind address is an IP, the captureMode option dictates // how traffic to the listener is expected to be captured (or not). - CaptureMode capture_mode = 4; + CaptureMode capture_mode = 3; // One or more services/virtualServices exposed by the listener in - // namespace/dnsName format. _*Hosts will be ignored for ingress - // servers*_. For egress servers, the hosts field results in importing - // one or more publicly scoped services and VirtualServices from remote - // namespaces. The service in a namespace can be a service in the service - // registry (e.g., a kubernetes or cloud foundry service) or a service - // specified via ServiceEntry configuration. In addition, any publicly - // scoped DestinationRule associated with the imported services will also - // be imported. + // namespace/dnsName format. Publicly scoped services and + // VirtualServices from remote namespaces corresponding to the specified + // hosts will be imported. The service in a namespace can be a service in + // the service registry (e.g., a kubernetes or cloud foundry service) or + // a service specified via ServiceEntry configuration. In addition, any + // publicly scoped DestinationRule associated with the imported services + // will also be imported. // // Set the namespace to * to import a particular service from any // available namespace (e.g., "*/foo.example.com"). Set the dnsName field @@ -156,15 +162,7 @@ message IstioListener { // namespace can be imported. Private services/configuration will not be // imported. Refer to the scope setting associated with VirtualService, // DestinationRule, ServiceEntry, etc. for details. - repeated string hosts = 5; - - // The IP endpoint or unix domain socket to which traffic should be - // forwarded to by default. In the context of an ingress server, this - // configuration can be used to redirect traffic arriving at the bind - // point on the sidecar to a port or unix domain socket where the - // application workload is listening for connections. Format should be - // 127.0.0.1:PORT or unix:///path/to/socket - string default_endpoint = 6; + repeated string hosts = 4; } // ConfigScope defines the visibility of an Istio configuration artifact in @@ -201,6 +199,24 @@ message WorkloadSelector { // etc. This has nothing to do with the request level authN etc. } +// $hide_from_docs +// CaptureMode describes how traffic to a listener is expected to be +// captured. Applicable only when the listener is bound to an IP. +enum CaptureMode { + // The default capture mode defined by the environment + DEFAULT = 0; + + // Capture traffic using IPtables redirection + IPTABLES = 1; + + // No traffic capture. When used in egress listener, the application is + // expected to explicitly communicate with the listener port/unix + // domain socket. When used in ingress listener, care needs to be taken + // to ensure that the listener port is not in use by other processes on + // the host. + NONE = 2; +} + // $hide_from_docs // The example below delcares a Sidecar resource in the prod-us1 namespace // that accepts inbound HTTP traffic on port 9080 and forwards diff --git a/proto.lock b/proto.lock index b365ef6a3f..95cf510647 100644 --- a/proto.lock +++ b/proto.lock @@ -3296,32 +3296,32 @@ "def": { "enums": [ { - "name": "IstioListener.CaptureMode", + "name": "ConfigScope", "enum_fields": [ { - "name": "DEFAULT", + "name": "PUBLIC", "integer": 0 }, { - "name": "IPTABLES", + "name": "PRIVATE", "integer": 1 - }, - { - "name": "NONE", - "integer": 2 } ] }, { - "name": "ConfigScope", + "name": "CaptureMode", "enum_fields": [ { - "name": "PUBLIC", + "name": "DEFAULT", "integer": 0 }, { - "name": "PRIVATE", + "name": "IPTABLES", "integer": 1 + }, + { + "name": "NONE", + "integer": 2 } ] } @@ -3338,50 +3338,65 @@ { "id": 2, "name": "ingress", - "type": "IstioListener", + "type": "IstioIngressListener", "is_repeated": true }, { "id": 3, "name": "egress", - "type": "IstioListener", + "type": "IstioEgressListener", "is_repeated": true } ] }, { - "name": "IstioListener", + "name": "IstioIngressListener", "fields": [ { "id": 1, - "name": "name", - "type": "string" + "name": "port", + "type": "Port" }, { "id": 2, + "name": "bind", + "type": "string" + }, + { + "id": 3, + "name": "capture_mode", + "type": "CaptureMode" + }, + { + "id": 4, + "name": "default_endpoint", + "type": "string" + } + ] + }, + { + "name": "IstioEgressListener", + "fields": [ + { + "id": 1, "name": "port", "type": "Port" }, { - "id": 3, + "id": 2, "name": "bind", "type": "string" }, { - "id": 4, + "id": 3, "name": "capture_mode", "type": "CaptureMode" }, { - "id": 5, + "id": 4, "name": "hosts", "type": "string", "is_repeated": true - }, - { - "id": 6, - "name": "default_endpoint", - "type": "string" } ] }, diff --git a/python/istio_api/networking/v1alpha3/sidecar_pb2.py b/python/istio_api/networking/v1alpha3/sidecar_pb2.py index b3f76c95c1..33b4779367 100644 --- a/python/istio_api/networking/v1alpha3/sidecar_pb2.py +++ b/python/istio_api/networking/v1alpha3/sidecar_pb2.py @@ -21,7 +21,7 @@ name='networking/v1alpha3/sidecar.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n!networking/v1alpha3/sidecar.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\"\xc6\x01\n\x07Sidecar\x12\x46\n\x11workload_selector\x18\x01 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x12\x39\n\x07ingress\x18\x02 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\x12\x38\n\x06\x65gress\x18\x03 \x03(\x0b\x32(.istio.networking.v1alpha3.IstioListener\"\x83\x02\n\rIstioListener\x12\x0c\n\x04name\x18\x01 \x01(\t\x12-\n\x04port\x18\x02 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x0c\n\x04\x62ind\x18\x03 \x01(\t\x12J\n\x0c\x63\x61pture_mode\x18\x04 \x01(\x0e\x32\x34.istio.networking.v1alpha3.IstioListener.CaptureMode\x12\r\n\x05hosts\x18\x05 \x03(\t\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x06 \x01(\t\"2\n\x0b\x43\x61ptureMode\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x00\x12\x0c\n\x08IPTABLES\x10\x01\x12\x08\n\x04NONE\x10\x02\"\x8a\x01\n\x10WorkloadSelector\x12G\n\x06labels\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.WorkloadSelector.LabelsEntry\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n!networking/v1alpha3/sidecar.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\"\xd3\x01\n\x07Sidecar\x12\x46\n\x11workload_selector\x18\x01 \x01(\x0b\x32+.istio.networking.v1alpha3.WorkloadSelector\x12@\n\x07ingress\x18\x02 \x03(\x0b\x32/.istio.networking.v1alpha3.IstioIngressListener\x12>\n\x06\x65gress\x18\x03 \x03(\x0b\x32..istio.networking.v1alpha3.IstioEgressListener\"\xab\x01\n\x14IstioIngressListener\x12-\n\x04port\x18\x01 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x0c\n\x04\x62ind\x18\x02 \x01(\t\x12<\n\x0c\x63\x61pture_mode\x18\x03 \x01(\x0e\x32&.istio.networking.v1alpha3.CaptureMode\x12\x18\n\x10\x64\x65\x66\x61ult_endpoint\x18\x04 \x01(\t\"\x9f\x01\n\x13IstioEgressListener\x12-\n\x04port\x18\x01 \x01(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x0c\n\x04\x62ind\x18\x02 \x01(\t\x12<\n\x0c\x63\x61pture_mode\x18\x03 \x01(\x0e\x32&.istio.networking.v1alpha3.CaptureMode\x12\r\n\x05hosts\x18\x04 \x03(\t\"\x8a\x01\n\x10WorkloadSelector\x12G\n\x06labels\x18\x01 \x03(\x0b\x32\x37.istio.networking.v1alpha3.WorkloadSelector.LabelsEntry\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01*&\n\x0b\x43onfigScope\x12\n\n\x06PUBLIC\x10\x00\x12\x0b\n\x07PRIVATE\x10\x01*2\n\x0b\x43\x61ptureMode\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x00\x12\x0c\n\x08IPTABLES\x10\x01\x12\x08\n\x04NONE\x10\x02\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') , dependencies=[networking_dot_v1alpha3_dot_gateway__pb2.DESCRIPTOR,]) @@ -42,19 +42,15 @@ ], containing_type=None, options=None, - serialized_start=703, - serialized_end=741, + serialized_start=790, + serialized_end=828, ) _sym_db.RegisterEnumDescriptor(_CONFIGSCOPE) ConfigScope = enum_type_wrapper.EnumTypeWrapper(_CONFIGSCOPE) -PUBLIC = 0 -PRIVATE = 1 - - -_ISTIOLISTENER_CAPTUREMODE = _descriptor.EnumDescriptor( +_CAPTUREMODE = _descriptor.EnumDescriptor( name='CaptureMode', - full_name='istio.networking.v1alpha3.IstioListener.CaptureMode', + full_name='istio.networking.v1alpha3.CaptureMode', filename=None, file=DESCRIPTOR, values=[ @@ -73,10 +69,18 @@ ], containing_type=None, options=None, - serialized_start=510, - serialized_end=560, + serialized_start=830, + serialized_end=880, ) -_sym_db.RegisterEnumDescriptor(_ISTIOLISTENER_CAPTUREMODE) +_sym_db.RegisterEnumDescriptor(_CAPTUREMODE) + +CaptureMode = enum_type_wrapper.EnumTypeWrapper(_CAPTUREMODE) +PUBLIC = 0 +PRIVATE = 1 +DEFAULT = 0 +IPTABLES = 1 +NONE = 2 + _SIDECAR = _descriptor.Descriptor( @@ -120,56 +124,94 @@ oneofs=[ ], serialized_start=100, - serialized_end=298, + serialized_end=311, ) -_ISTIOLISTENER = _descriptor.Descriptor( - name='IstioListener', - full_name='istio.networking.v1alpha3.IstioListener', +_ISTIOINGRESSLISTENER = _descriptor.Descriptor( + name='IstioIngressListener', + full_name='istio.networking.v1alpha3.IstioIngressListener', filename=None, file=DESCRIPTOR, containing_type=None, fields=[ _descriptor.FieldDescriptor( - name='name', full_name='istio.networking.v1alpha3.IstioListener.name', index=0, - number=1, type=9, cpp_type=9, label=1, + name='port', full_name='istio.networking.v1alpha3.IstioIngressListener.port', index=0, + number=1, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='bind', full_name='istio.networking.v1alpha3.IstioIngressListener.bind', index=1, + number=2, type=9, cpp_type=9, label=1, has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='port', full_name='istio.networking.v1alpha3.IstioListener.port', index=1, - number=2, type=11, cpp_type=10, label=1, - has_default_value=False, default_value=None, + name='capture_mode', full_name='istio.networking.v1alpha3.IstioIngressListener.capture_mode', index=2, + number=3, type=14, cpp_type=8, label=1, + has_default_value=False, default_value=0, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='bind', full_name='istio.networking.v1alpha3.IstioListener.bind', index=2, - number=3, type=9, cpp_type=9, label=1, + name='default_endpoint', full_name='istio.networking.v1alpha3.IstioIngressListener.default_endpoint', index=3, + number=4, type=9, cpp_type=9, label=1, has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + syntax='proto3', + extension_ranges=[], + oneofs=[ + ], + serialized_start=314, + serialized_end=485, +) + + +_ISTIOEGRESSLISTENER = _descriptor.Descriptor( + name='IstioEgressListener', + full_name='istio.networking.v1alpha3.IstioEgressListener', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ _descriptor.FieldDescriptor( - name='capture_mode', full_name='istio.networking.v1alpha3.IstioListener.capture_mode', index=3, - number=4, type=14, cpp_type=8, label=1, - has_default_value=False, default_value=0, + name='port', full_name='istio.networking.v1alpha3.IstioEgressListener.port', index=0, + number=1, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='hosts', full_name='istio.networking.v1alpha3.IstioListener.hosts', index=4, - number=5, type=9, cpp_type=9, label=3, - has_default_value=False, default_value=[], + name='bind', full_name='istio.networking.v1alpha3.IstioEgressListener.bind', index=1, + number=2, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='default_endpoint', full_name='istio.networking.v1alpha3.IstioListener.default_endpoint', index=5, - number=6, type=9, cpp_type=9, label=1, - has_default_value=False, default_value=_b("").decode('utf-8'), + name='capture_mode', full_name='istio.networking.v1alpha3.IstioEgressListener.capture_mode', index=2, + number=3, type=14, cpp_type=8, label=1, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='hosts', full_name='istio.networking.v1alpha3.IstioEgressListener.hosts', index=3, + number=4, type=9, cpp_type=9, label=3, + has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), @@ -178,7 +220,6 @@ ], nested_types=[], enum_types=[ - _ISTIOLISTENER_CAPTUREMODE, ], options=None, is_extendable=False, @@ -186,8 +227,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=301, - serialized_end=560, + serialized_start=488, + serialized_end=647, ) @@ -224,8 +265,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=656, - serialized_end=701, + serialized_start=743, + serialized_end=788, ) _WORKLOADSELECTOR = _descriptor.Descriptor( @@ -254,22 +295,25 @@ extension_ranges=[], oneofs=[ ], - serialized_start=563, - serialized_end=701, + serialized_start=650, + serialized_end=788, ) _SIDECAR.fields_by_name['workload_selector'].message_type = _WORKLOADSELECTOR -_SIDECAR.fields_by_name['ingress'].message_type = _ISTIOLISTENER -_SIDECAR.fields_by_name['egress'].message_type = _ISTIOLISTENER -_ISTIOLISTENER.fields_by_name['port'].message_type = networking_dot_v1alpha3_dot_gateway__pb2._PORT -_ISTIOLISTENER.fields_by_name['capture_mode'].enum_type = _ISTIOLISTENER_CAPTUREMODE -_ISTIOLISTENER_CAPTUREMODE.containing_type = _ISTIOLISTENER +_SIDECAR.fields_by_name['ingress'].message_type = _ISTIOINGRESSLISTENER +_SIDECAR.fields_by_name['egress'].message_type = _ISTIOEGRESSLISTENER +_ISTIOINGRESSLISTENER.fields_by_name['port'].message_type = networking_dot_v1alpha3_dot_gateway__pb2._PORT +_ISTIOINGRESSLISTENER.fields_by_name['capture_mode'].enum_type = _CAPTUREMODE +_ISTIOEGRESSLISTENER.fields_by_name['port'].message_type = networking_dot_v1alpha3_dot_gateway__pb2._PORT +_ISTIOEGRESSLISTENER.fields_by_name['capture_mode'].enum_type = _CAPTUREMODE _WORKLOADSELECTOR_LABELSENTRY.containing_type = _WORKLOADSELECTOR _WORKLOADSELECTOR.fields_by_name['labels'].message_type = _WORKLOADSELECTOR_LABELSENTRY DESCRIPTOR.message_types_by_name['Sidecar'] = _SIDECAR -DESCRIPTOR.message_types_by_name['IstioListener'] = _ISTIOLISTENER +DESCRIPTOR.message_types_by_name['IstioIngressListener'] = _ISTIOINGRESSLISTENER +DESCRIPTOR.message_types_by_name['IstioEgressListener'] = _ISTIOEGRESSLISTENER DESCRIPTOR.message_types_by_name['WorkloadSelector'] = _WORKLOADSELECTOR DESCRIPTOR.enum_types_by_name['ConfigScope'] = _CONFIGSCOPE +DESCRIPTOR.enum_types_by_name['CaptureMode'] = _CAPTUREMODE _sym_db.RegisterFileDescriptor(DESCRIPTOR) Sidecar = _reflection.GeneratedProtocolMessageType('Sidecar', (_message.Message,), dict( @@ -279,12 +323,19 @@ )) _sym_db.RegisterMessage(Sidecar) -IstioListener = _reflection.GeneratedProtocolMessageType('IstioListener', (_message.Message,), dict( - DESCRIPTOR = _ISTIOLISTENER, +IstioIngressListener = _reflection.GeneratedProtocolMessageType('IstioIngressListener', (_message.Message,), dict( + DESCRIPTOR = _ISTIOINGRESSLISTENER, + __module__ = 'networking.v1alpha3.sidecar_pb2' + # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.IstioIngressListener) + )) +_sym_db.RegisterMessage(IstioIngressListener) + +IstioEgressListener = _reflection.GeneratedProtocolMessageType('IstioEgressListener', (_message.Message,), dict( + DESCRIPTOR = _ISTIOEGRESSLISTENER, __module__ = 'networking.v1alpha3.sidecar_pb2' - # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.IstioListener) + # @@protoc_insertion_point(class_scope:istio.networking.v1alpha3.IstioEgressListener) )) -_sym_db.RegisterMessage(IstioListener) +_sym_db.RegisterMessage(IstioEgressListener) WorkloadSelector = _reflection.GeneratedProtocolMessageType('WorkloadSelector', (_message.Message,), dict(