istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tools/packaging/common/envoy_bootstrap.json (about) 1 { 2 "application_log_config": { 3 "log_format": { 4 {{- if .log_json }} 5 "json_format": { 6 "time": "%Y-%m-%dT%T.%fZ", 7 "level": "%l", 8 "scope": "envoy %n", 9 "msg": "%j", 10 "caller": "%g:%#", 11 "thread": "%t" 12 } 13 {{- else }} 14 "text_format": "%Y-%m-%dT%T.%fZ\t%l\tenvoy %n %g:%#\t%v\tthread=%t" 15 {{- end }} 16 } 17 }, 18 "node": { 19 "id": "{{ .nodeID }}", 20 "cluster": "{{ .cluster }}", 21 "locality": { 22 {{- if .region }} 23 "region": "{{ .region }}" 24 {{- end }} 25 {{- if .zone }} 26 {{- if .region }} 27 , 28 {{- end }} 29 "zone": "{{ .zone }}" 30 {{- end }} 31 {{- if .sub_zone }} 32 {{- if or .region .zone }} 33 , 34 {{- end }} 35 "sub_zone": "{{ .sub_zone }}" 36 {{- end }} 37 }, 38 "metadata": {{ .meta_json_str }} 39 }, 40 "layered_runtime": { 41 "layers": [ 42 { 43 "name": "global config", 44 "static_layer": {{ .runtime_flags }} 45 }, 46 { 47 "name": "admin", 48 "admin_layer": {} 49 } 50 ] 51 }, 52 "bootstrap_extensions": [ 53 {{- if .metadata_discovery }} 54 { 55 "name": "metadata_discovery", 56 "typed_config": { 57 "@type": "type.googleapis.com/udpa.type.v1.TypedStruct", 58 "type_url": "type.googleapis.com/istio.workload.BootstrapExtension", 59 "value": { 60 "config_source": { "ads": {} } 61 } 62 } 63 }, 64 {{- end }} 65 { 66 "name": "envoy.bootstrap.internal_listener", 67 "typed_config": { 68 "@type":"type.googleapis.com/udpa.type.v1.TypedStruct", 69 "type_url": "type.googleapis.com/envoy.extensions.bootstrap.internal_listener.v3.InternalListener", 70 "value": { 71 "buffer_size_kb": 64 72 } 73 } 74 } 75 ], 76 "stats_config": { 77 "use_all_default_tags": false, 78 "stats_tags": [ 79 { 80 "tag_name": "cluster_name", 81 "regex": "^cluster\\.((.+?(\\..+?\\.svc\\.cluster\\.local)?)\\.)" 82 }, 83 { 84 "tag_name": "tcp_prefix", 85 "regex": "^tcp\\.((.*?)\\.)\\w+?$" 86 }, 87 { 88 "regex": "_rq(_(\\d{3}))$", 89 "tag_name": "response_code" 90 }, 91 { 92 "tag_name": "response_code_class", 93 "regex": "_rq(_(\\dxx))$" 94 }, 95 { 96 "tag_name": "http_conn_manager_listener_prefix", 97 "regex": "^listener(?=\\.).*?\\.http\\.(((?:[_.[:digit:]]*|[_\\[\\]aAbBcCdDeEfF[:digit:]]*))\\.)" 98 }, 99 { 100 "tag_name": "http_conn_manager_prefix", 101 "regex": "^http\\.(((?:[_.[:digit:]]*|[_\\[\\]aAbBcCdDeEfF[:digit:]]*))\\.)" 102 }, 103 { 104 "tag_name": "listener_address", 105 "regex": "^listener\\.(((?:[_.[:digit:]]*|[_\\[\\]aAbBcCdDeEfF[:digit:]]*))\\.)" 106 }, 107 { 108 "tag_name": "mongo_prefix", 109 "regex": "^mongo\\.(.+?)\\.(collection|cmd|cx_|op_|delays_|decoding_)(.*?)$" 110 }, 111 {{- range $a, $tag := .extraStatTags }} 112 { 113 "regex": "({{ $tag }}=\\.=(.*?);\\.;)", 114 "tag_name": "{{ $tag }}" 115 }, 116 {{- end }} 117 { 118 "regex": "(cache\\.(.+?)\\.)", 119 "tag_name": "cache" 120 }, 121 { 122 "regex": "(component\\.(.+?)\\.)", 123 "tag_name": "component" 124 }, 125 { 126 "regex": "(tag\\.(.+?);\\.)", 127 "tag_name": "tag" 128 }, 129 { 130 "regex": "(wasm_filter\\.(.+?)\\.)", 131 "tag_name": "wasm_filter" 132 }, 133 { 134 "tag_name": "authz_enforce_result", 135 "regex": "rbac(\\.(allowed|denied))" 136 }, 137 { 138 "tag_name": "authz_dry_run_action", 139 "regex": "(\\.istio_dry_run_(allow|deny)_)" 140 }, 141 { 142 "tag_name": "authz_dry_run_result", 143 "regex": "(\\.shadow_(allowed|denied))" 144 } 145 ], 146 {{- if .histogram_buckets }} 147 "histogram_bucket_settings": {{ toJson .histogram_buckets }}, 148 {{- end }} 149 "stats_matcher": { 150 "inclusion_list": { 151 "patterns": [ 152 { 153 "prefix": "reporter=" 154 }, 155 {{- if .metadata_discovery }} 156 { 157 "prefix": "workload_discovery" 158 }, 159 {{- end }} 160 {{- range $a, $s := .inclusionPrefix }} 161 { 162 "prefix": "{{$s}}" 163 }, 164 {{- end }} 165 {{- range $a, $s := .inclusionSuffix }} 166 { 167 "suffix": "{{$s}}" 168 }, 169 {{- end }} 170 {{- range $a, $s := .inclusionRegexps }} 171 { 172 "safe_regex": {"regex":"{{js $s}}"} 173 }, 174 {{- end }} 175 { 176 "prefix": "component" 177 }, 178 { 179 "prefix": "istio" 180 } 181 ] 182 } 183 } 184 }, 185 "admin": { 186 "access_log": [ 187 { 188 "name": "envoy.access_loggers.file", 189 "typed_config": { 190 "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", 191 "path": "/dev/null" 192 } 193 } 194 ], 195 "profile_path": "/var/lib/istio/data/envoy.prof", 196 "address": { 197 "socket_address": { 198 "address": "{{ .localhost }}", 199 "port_value": {{ .config.ProxyAdminPort }} 200 } 201 } 202 }, 203 "dynamic_resources": { 204 "lds_config": { 205 "ads": {}, 206 "initial_fetch_timeout": "0s", 207 "resource_api_version": "V3" 208 }, 209 "cds_config": { 210 "ads": {}, 211 "initial_fetch_timeout": "0s", 212 "resource_api_version": "V3" 213 }, 214 "ads_config": { 215 "api_type": "{{ .xds_type }}", 216 "set_node_on_first_message_only": true, 217 "transport_api_version": "V3", 218 "grpc_services": [ 219 { 220 "envoy_grpc": { 221 "cluster_name": "xds-grpc" 222 } 223 } 224 ] 225 } 226 }, 227 "static_resources": { 228 "clusters": [ 229 { 230 "name": "prometheus_stats", 231 "type": "STATIC", 232 "connect_timeout": "0.250s", 233 "lb_policy": "ROUND_ROBIN", 234 "load_assignment": { 235 "cluster_name": "prometheus_stats", 236 "endpoints": [{ 237 "lb_endpoints": [{ 238 "endpoint": { 239 "address":{ 240 "socket_address": { 241 "protocol": "TCP", 242 "address": "{{ .localhost }}", 243 "port_value": {{ .config.ProxyAdminPort }} 244 } 245 } 246 } 247 }] 248 }] 249 } 250 }, 251 { 252 "name": "agent", 253 "type": "STATIC", 254 "connect_timeout": "0.250s", 255 "lb_policy": "ROUND_ROBIN", 256 "load_assignment": { 257 "cluster_name": "agent", 258 "endpoints": [{ 259 "lb_endpoints": [{ 260 "endpoint": { 261 "address":{ 262 "socket_address": { 263 "protocol": "TCP", 264 "address": "{{ .localhost }}", 265 "port_value": {{ .config.StatusPort }} 266 } 267 } 268 } 269 }] 270 }] 271 } 272 }, 273 { 274 "name": "sds-grpc", 275 "type": "STATIC", 276 "typed_extension_protocol_options": { 277 "envoy.extensions.upstreams.http.v3.HttpProtocolOptions": { 278 "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions", 279 "explicit_http_config": { 280 "http2_protocol_options": {} 281 } 282 } 283 }, 284 "connect_timeout": "1s", 285 "lb_policy": "ROUND_ROBIN", 286 "load_assignment": { 287 "cluster_name": "sds-grpc", 288 "endpoints": [{ 289 "lb_endpoints": [{ 290 "endpoint": { 291 "address":{ 292 "pipe": { 293 "path": "./var/run/secrets/workload-spiffe-uds/socket" 294 } 295 } 296 } 297 }] 298 }] 299 } 300 }, 301 { 302 "name": "xds-grpc", 303 "type" : "STATIC", 304 "connect_timeout": "1s", 305 "lb_policy": "ROUND_ROBIN", 306 "load_assignment": { 307 "cluster_name": "xds-grpc", 308 "endpoints": [{ 309 "lb_endpoints": [{ 310 "endpoint": { 311 "address":{ 312 "pipe": { 313 "path": "{{ .config.ConfigPath }}/XDS" 314 } 315 } 316 } 317 }] 318 }] 319 }, 320 "circuit_breakers": { 321 "thresholds": [ 322 { 323 "priority": "DEFAULT", 324 "max_connections": 100000, 325 "max_pending_requests": 100000, 326 "max_requests": 100000 327 }, 328 { 329 "priority": "HIGH", 330 "max_connections": 100000, 331 "max_pending_requests": 100000, 332 "max_requests": 100000 333 } 334 ] 335 }, 336 "upstream_connection_options": { 337 "tcp_keepalive": { 338 "keepalive_time": 300 339 } 340 }, 341 "max_requests_per_connection": 1, 342 "typed_extension_protocol_options": { 343 "envoy.extensions.upstreams.http.v3.HttpProtocolOptions": { 344 "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions", 345 "explicit_http_config": { 346 "http2_protocol_options": {} 347 } 348 } 349 } 350 } 351 {{ if .zipkin }} 352 , 353 { 354 "name": "zipkin", 355 {{- if .tracing_tls }} 356 "transport_socket": {{ .tracing_tls }}, 357 {{- end }} 358 "type": "STRICT_DNS", 359 "respect_dns_ttl": true, 360 "dns_lookup_family": "{{ .dns_lookup_family }}", 361 "dns_refresh_rate": "30s", 362 "connect_timeout": "1s", 363 "lb_policy": "ROUND_ROBIN", 364 "load_assignment": { 365 "cluster_name": "zipkin", 366 "endpoints": [{ 367 "lb_endpoints": [{ 368 "endpoint": { 369 "address":{ 370 "socket_address": {{ .zipkin }} 371 } 372 } 373 }] 374 }] 375 } 376 } 377 {{ else if .lightstep }} 378 , 379 { 380 "name": "lightstep", 381 {{- if .tracing_tls }} 382 "transport_socket": {{ .tracing_tls }}, 383 {{- end }} 384 "typed_extension_protocol_options": { 385 "envoy.extensions.upstreams.http.v3.HttpProtocolOptions": { 386 "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions", 387 "explicit_http_config": { 388 "http2_protocol_options": {} 389 } 390 } 391 }, 392 "type": "STRICT_DNS", 393 "respect_dns_ttl": true, 394 "dns_lookup_family": "{{ .dns_lookup_family }}", 395 "connect_timeout": "1s", 396 "lb_policy": "ROUND_ROBIN", 397 "load_assignment": { 398 "cluster_name": "lightstep", 399 "endpoints": [{ 400 "lb_endpoints": [{ 401 "endpoint": { 402 "address":{ 403 "socket_address": {{ .lightstep }} 404 } 405 } 406 }] 407 }] 408 } 409 } 410 {{ else if .datadog }} 411 , 412 { 413 "name": "datadog_agent", 414 {{- if .tracing_tls }} 415 "transport_socket": {{ .tracing_tls }}, 416 {{- end }} 417 "connect_timeout": "1s", 418 "type": "STRICT_DNS", 419 "respect_dns_ttl": true, 420 "dns_lookup_family": "{{ .dns_lookup_family }}", 421 "lb_policy": "ROUND_ROBIN", 422 "load_assignment": { 423 "cluster_name": "datadog_agent", 424 "endpoints": [{ 425 "lb_endpoints": [{ 426 "endpoint": { 427 "address":{ 428 "socket_address": {{ .datadog }} 429 } 430 } 431 }] 432 }] 433 } 434 } 435 {{ end }} 436 {{- if .envoy_metrics_service_address }} 437 , 438 { 439 "name": "envoy_metrics_service", 440 "type": "STRICT_DNS", 441 {{- if .envoy_metrics_service_tls }} 442 "transport_socket": {{ .envoy_metrics_service_tls }}, 443 {{- end }} 444 {{- if .envoy_metrics_service_tcp_keepalive }} 445 "upstream_connection_options": {{ .envoy_metrics_service_tcp_keepalive }}, 446 {{- end }} 447 "respect_dns_ttl": true, 448 "dns_lookup_family": "{{ .dns_lookup_family }}", 449 "connect_timeout": "1s", 450 "lb_policy": "ROUND_ROBIN", 451 "typed_extension_protocol_options": { 452 "envoy.extensions.upstreams.http.v3.HttpProtocolOptions": { 453 "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions", 454 "explicit_http_config": { 455 "http2_protocol_options": {} 456 } 457 } 458 }, 459 "load_assignment": { 460 "cluster_name": "envoy_metrics_service", 461 "endpoints": [{ 462 "lb_endpoints": [{ 463 "endpoint": { 464 "address":{ 465 "socket_address": {{ .envoy_metrics_service_address }} 466 } 467 } 468 }] 469 }] 470 } 471 } 472 {{ end }} 473 {{ if .envoy_accesslog_service_address }} 474 , 475 { 476 "name": "envoy_accesslog_service", 477 "type": "STRICT_DNS", 478 {{- if .envoy_accesslog_service_tls }} 479 "transport_socket": {{ .envoy_accesslog_service_tls }}, 480 {{- end }} 481 {{- if .envoy_accesslog_service_tcp_keepalive }} 482 "upstream_connection_options": {{ .envoy_accesslog_service_tcp_keepalive }}, 483 {{ end }} 484 "respect_dns_ttl": true, 485 "dns_lookup_family": "{{ .dns_lookup_family }}", 486 "connect_timeout": "1s", 487 "lb_policy": "ROUND_ROBIN", 488 "typed_extension_protocol_options": { 489 "envoy.extensions.upstreams.http.v3.HttpProtocolOptions": { 490 "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions", 491 "explicit_http_config": { 492 "http2_protocol_options": {} 493 } 494 } 495 }, 496 "load_assignment": { 497 "cluster_name": "envoy_accesslog_service", 498 "endpoints": [{ 499 "lb_endpoints": [{ 500 "endpoint": { 501 "address":{ 502 "socket_address": {{ .envoy_accesslog_service_address }} 503 } 504 } 505 }] 506 }] 507 } 508 } 509 {{ end }} 510 ], 511 "listeners":[ 512 { 513 "address": { 514 "socket_address": { 515 "protocol": "TCP", 516 {{- if .metrics_localhost_access_only }} 517 "address": "{{ .localhost }}", 518 {{ else }} 519 "address": "{{ .wildcard }}", 520 {{ end }} 521 "port_value": {{ .envoy_prometheus_port }} 522 } 523 }, 524 {{- if .dual_stack }} 525 "additionalAddresses": [ 526 { 527 "address": { 528 "socket_address": { 529 "protocol": "TCP", 530 {{- if .metrics_localhost_access_only }} 531 "address": "{{ .additional_localhost }}", 532 {{ else }} 533 "address": "{{ .additional_wildcard }}", 534 {{ end }} 535 "port_value": {{ .envoy_prometheus_port }} 536 } 537 } 538 } 539 ], 540 {{- end}} 541 "filter_chains": [ 542 { 543 "filters": [ 544 { 545 "name": "envoy.filters.network.http_connection_manager", 546 "typed_config": { 547 "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", 548 "codec_type": "AUTO", 549 "stat_prefix": "stats", 550 "route_config": { 551 "virtual_hosts": [ 552 { 553 "name": "backend", 554 "domains": [ 555 "*" 556 ], 557 "routes": [ 558 { 559 "match": { 560 "prefix": "/stats/prometheus" 561 }, 562 "route": { 563 "cluster": "prometheus_stats" 564 } 565 } 566 ] 567 } 568 ] 569 }, 570 "http_filters": [ 571 {{- if .stats_compression }} 572 { 573 "name": "envoy.filters.http.compressor", 574 "typed_config": { 575 "@type": "type.googleapis.com/envoy.extensions.filters.http.compressor.v3.Compressor", 576 {{- if eq .stats_compression "gzip"}} 577 "compressor_library": { 578 "name": "text_optimized", 579 "typed_config": { 580 "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" 581 } 582 } 583 {{- else if eq .stats_compression "zstd"}} 584 "compressor_library": { 585 "name": "text_optimized", 586 "typed_config": { 587 "@type": "type.googleapis.com/envoy.extensions.compression.zstd.compressor.v3.Zstd" 588 } 589 } 590 {{- else if eq .stats_compression "brotli"}} 591 "compressor_library": { 592 "name": "text_optimized", 593 "typed_config": { 594 "@type": "type.googleapis.com/envoy.extensions.compression.brotli.compressor.v3.Brotli" 595 } 596 } 597 {{- end }} 598 } 599 }, 600 {{- end }} 601 { 602 "name": "envoy.filters.http.router", 603 "typed_config": { 604 "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" 605 } 606 }] 607 } 608 } 609 ] 610 } 611 ] 612 }, 613 { 614 "address": { 615 "socket_address": { 616 "protocol": "TCP", 617 "address": "{{ .wildcard }}", 618 "port_value": {{ .envoy_status_port }} 619 } 620 }, 621 {{- if .dual_stack }} 622 "additionalAddresses": [ 623 { 624 "address": { 625 "socket_address": { 626 "protocol": "TCP", 627 "address": "{{ .additional_wildcard }}", 628 "port_value": {{ .envoy_status_port }} 629 } 630 } 631 } 632 ], 633 {{- end}} 634 "filter_chains": [ 635 { 636 "filters": [ 637 { 638 "name": "envoy.filters.network.http_connection_manager", 639 "typed_config": { 640 "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", 641 "codec_type": "AUTO", 642 "stat_prefix": "agent", 643 "route_config": { 644 "virtual_hosts": [ 645 { 646 "name": "backend", 647 "domains": [ 648 "*" 649 ], 650 "routes": [ 651 { 652 "match": { 653 "prefix": "/healthz/ready" 654 }, 655 "route": { 656 "cluster": "agent" 657 } 658 } 659 ] 660 } 661 ] 662 }, 663 "http_filters": [{ 664 "name": "envoy.filters.http.router", 665 "typed_config": { 666 "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" 667 } 668 }] 669 } 670 } 671 ] 672 } 673 ] 674 } 675 ] 676 } 677 {{- if .zipkin }} 678 , 679 "tracing": { 680 "http": { 681 "name": "envoy.tracers.zipkin", 682 "typed_config": { 683 "@type": "type.googleapis.com/envoy.config.trace.v3.ZipkinConfig", 684 "collector_cluster": "zipkin", 685 "collector_endpoint": "/api/v2/spans", 686 "collector_endpoint_version": "HTTP_JSON", 687 "trace_id_128bit": true, 688 "shared_span_context": false 689 } 690 } 691 } 692 {{- else if .lightstep }} 693 , 694 "tracing": { 695 "http": { 696 "name": "envoy.tracers.lightstep", 697 "typed_config": { 698 "@type": "type.googleapis.com/envoy.config.trace.v3.LightstepConfig", 699 "collector_cluster": "lightstep", 700 "access_token_file": "{{ .lightstepToken}}" 701 } 702 } 703 } 704 {{- else if .datadog }} 705 , 706 "tracing": { 707 "http": { 708 "name": "envoy.tracers.datadog", 709 "typed_config": { 710 "@type": "type.googleapis.com/envoy.config.trace.v3.DatadogConfig", 711 "collector_cluster": "datadog_agent", 712 "service_name": "{{ .cluster }}" 713 } 714 } 715 } 716 {{- else if .openCensusAgent }} 717 , 718 "tracing": { 719 "http": { 720 "name": "envoy.tracers.opencensus", 721 "typed_config": { 722 "@type": "type.googleapis.com/envoy.config.trace.v3.OpenCensusConfig", 723 "ocagent_exporter_enabled": true, 724 "ocagent_address": "{{ .openCensusAgent }}", 725 "incoming_trace_context": {{ .openCensusAgentContexts }}, 726 "outgoing_trace_context": {{ .openCensusAgentContexts }}, 727 "trace_config": { 728 "constant_sampler": { 729 "decision": "ALWAYS_PARENT" 730 }, 731 "max_number_of_annotations": 200, 732 "max_number_of_attributes": 200, 733 "max_number_of_message_events": 200, 734 "max_number_of_links": 200 735 } 736 } 737 } 738 } 739 {{ end }} 740 {{ if or .envoy_metrics_service_address .statsd }} 741 , 742 "stats_sinks": [ 743 {{ if .envoy_metrics_service_address }} 744 { 745 "name": "envoy.stat_sinks.metrics_service", 746 "typed_config": { 747 "@type": "type.googleapis.com/envoy.config.metrics.v3.MetricsServiceConfig", 748 "transport_api_version": "V3", 749 "grpc_service": { 750 "envoy_grpc": { 751 "cluster_name": "envoy_metrics_service" 752 } 753 } 754 } 755 } 756 {{ end }} 757 {{ if and .envoy_metrics_service_address .statsd }} 758 , 759 {{ end }} 760 {{ if .statsd }} 761 { 762 "name": "envoy.stat_sinks.statsd", 763 "typed_config": { 764 "@type": "type.googleapis.com/envoy.config.metrics.v3.StatsdSink", 765 "address": { 766 "socket_address": {{ .statsd }} 767 } 768 } 769 } 770 {{ end }} 771 ] 772 {{ end }} 773 {{ if or .outlier_log_path .load_stats_config_json_str .deferred_cluster_creation}} 774 , 775 "cluster_manager": { 776 {{- if .deferred_cluster_creation}} 777 "enable_deferred_cluster_creation": true, 778 {{- end}} 779 {{- if .outlier_log_path}} 780 "outlier_detection": { 781 "event_log_path": "{{ .outlier_log_path }}" 782 } 783 {{- end}} 784 {{- if and .outlier_log_path .load_stats_config_json_str }} 785 , 786 {{- end}} 787 {{- if .load_stats_config_json_str }} 788 "load_stats_config": {{- .load_stats_config_json_str }} 789 {{- end }} 790 } 791 {{ end }} 792 }