istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pilot/cmd/pilot-agent/options/agent.go (about) 1 // Copyright Istio Authors 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package options 16 17 import ( 18 "os" 19 "path/filepath" 20 "strings" 21 22 meshconfig "istio.io/api/mesh/v1alpha1" 23 "istio.io/istio/pilot/pkg/features" 24 "istio.io/istio/pkg/bootstrap/platform" 25 istioagent "istio.io/istio/pkg/istio-agent" 26 "istio.io/istio/pkg/util/sets" 27 "istio.io/istio/pkg/wasm" 28 ) 29 30 // Similar with ISTIO_META_, which is used to customize the node metadata - this customizes extra header. 31 const xdsHeaderPrefix = "XDS_HEADER_" 32 33 func NewAgentOptions(proxy *ProxyArgs, cfg *meshconfig.ProxyConfig, sds istioagent.SDSServiceFactory) *istioagent.AgentOptions { 34 var insecureRegistries []string 35 if wasmInsecureRegistries != "" { 36 insecureRegistries = strings.Split(wasmInsecureRegistries, ",") 37 } 38 o := &istioagent.AgentOptions{ 39 XDSRootCerts: xdsRootCA, 40 CARootCerts: caRootCA, 41 XDSHeaders: map[string]string{}, 42 XdsUdsPath: filepath.Join(cfg.ConfigPath, "XDS"), 43 IsIPv6: proxy.IsIPv6(), 44 ProxyType: proxy.Type, 45 EnableDynamicProxyConfig: enableProxyConfigXdsEnv, 46 WASMOptions: wasm.Options{ 47 InsecureRegistries: sets.New(insecureRegistries...), 48 ModuleExpiry: wasmModuleExpiry, 49 PurgeInterval: wasmPurgeInterval, 50 HTTPRequestTimeout: wasmHTTPRequestTimeout, 51 HTTPRequestMaxRetries: wasmHTTPRequestMaxRetries, 52 }, 53 ProxyIPAddresses: proxy.IPAddresses, 54 ServiceNode: proxy.ServiceNode(), 55 EnvoyStatusPort: envoyStatusPortEnv, 56 EnvoyPrometheusPort: envoyPrometheusPortEnv, 57 MinimumDrainDuration: minimumDrainDurationEnv, 58 ExitOnZeroActiveConnections: exitOnZeroActiveConnectionsEnv, 59 Platform: platform.Discover(proxy.SupportsIPv6()), 60 GRPCBootstrapPath: grpcBootstrapEnv, 61 DisableEnvoy: disableEnvoyEnv, 62 ProxyXDSDebugViaAgent: proxyXDSDebugViaAgent, 63 ProxyXDSDebugViaAgentPort: proxyXDSDebugViaAgentPort, 64 DNSCapture: DNSCaptureByAgent.Get(), 65 DNSForwardParallel: DNSForwardParallel.Get(), 66 DNSAddr: DNSCaptureAddr.Get(), 67 ProxyNamespace: PodNamespaceVar.Get(), 68 ProxyDomain: proxy.DNSDomain, 69 IstiodSAN: istiodSAN.Get(), 70 DualStack: features.EnableDualStack, 71 UseExternalWorkloadSDS: useExternalWorkloadSDSEnv, 72 MetadataDiscovery: enableWDSEnv, 73 SDSFactory: sds, 74 } 75 extractXDSHeadersFromEnv(o) 76 return o 77 } 78 79 // Simplified extraction of gRPC headers from environment. 80 // Unlike ISTIO_META, where we need JSON and advanced features - this is just for small string headers. 81 func extractXDSHeadersFromEnv(o *istioagent.AgentOptions) { 82 envs := os.Environ() 83 for _, e := range envs { 84 if strings.HasPrefix(e, xdsHeaderPrefix) { 85 parts := strings.SplitN(e, "=", 2) 86 if len(parts) != 2 { 87 continue 88 } 89 o.XDSHeaders[parts[0][len(xdsHeaderPrefix):]] = parts[1] 90 } 91 } 92 }