1syntax = "proto3"; 2 3package envoy.config.bootstrap.v3; 4 5import "envoy/config/accesslog/v3/accesslog.proto"; 6import "envoy/config/cluster/v3/cluster.proto"; 7import "envoy/config/core/v3/address.proto"; 8import "envoy/config/core/v3/base.proto"; 9import "envoy/config/core/v3/config_source.proto"; 10import "envoy/config/core/v3/event_service_config.proto"; 11import "envoy/config/core/v3/extension.proto"; 12import "envoy/config/core/v3/resolver.proto"; 13import "envoy/config/core/v3/socket_option.proto"; 14import "envoy/config/listener/v3/listener.proto"; 15import "envoy/config/metrics/v3/stats.proto"; 16import "envoy/config/overload/v3/overload.proto"; 17import "envoy/config/trace/v3/http_tracer.proto"; 18import "envoy/extensions/transport_sockets/tls/v3/secret.proto"; 19import "envoy/type/v3/percent.proto"; 20 21import "google/protobuf/duration.proto"; 22import "google/protobuf/struct.proto"; 23import "google/protobuf/wrappers.proto"; 24 25import "envoy/annotations/deprecation.proto"; 26import "udpa/annotations/migrate.proto"; 27import "udpa/annotations/security.proto"; 28import "udpa/annotations/status.proto"; 29import "udpa/annotations/versioning.proto"; 30import "validate/validate.proto"; 31 32option java_package = "io.envoyproxy.envoy.config.bootstrap.v3"; 33option java_outer_classname = "BootstrapProto"; 34option java_multiple_files = true; 35option go_package = "github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3;bootstrapv3"; 36option (udpa.annotations.file_status).package_version_status = ACTIVE; 37 38// [#protodoc-title: Bootstrap] 39// This proto is supplied via the :option:`-c` CLI flag and acts as the root 40// of the Envoy v3 configuration. See the :ref:`v3 configuration overview 41// <config_overview_bootstrap>` for more detail. 42 43// Bootstrap :ref:`configuration overview <config_overview_bootstrap>`. 44// [#next-free-field: 38] 45message Bootstrap { 46 option (udpa.annotations.versioning).previous_message_type = 47 "envoy.config.bootstrap.v2.Bootstrap"; 48 49 message StaticResources { 50 option (udpa.annotations.versioning).previous_message_type = 51 "envoy.config.bootstrap.v2.Bootstrap.StaticResources"; 52 53 // Static :ref:`Listeners <envoy_v3_api_msg_config.listener.v3.Listener>`. These listeners are 54 // available regardless of LDS configuration. 55 repeated listener.v3.Listener listeners = 1; 56 57 // If a network based configuration source is specified for :ref:`cds_config 58 // <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.DynamicResources.cds_config>`, it's necessary 59 // to have some initial cluster definitions available to allow Envoy to know 60 // how to speak to the management server. These cluster definitions may not 61 // use :ref:`EDS <arch_overview_dynamic_config_eds>` (i.e. they should be static 62 // IP or DNS-based). 63 repeated cluster.v3.Cluster clusters = 2; 64 65 // These static secrets can be used by :ref:`SdsSecretConfig 66 // <envoy_v3_api_msg_extensions.transport_sockets.tls.v3.SdsSecretConfig>` 67 repeated envoy.extensions.transport_sockets.tls.v3.Secret secrets = 3; 68 } 69 70 // [#next-free-field: 7] 71 message DynamicResources { 72 option (udpa.annotations.versioning).previous_message_type = 73 "envoy.config.bootstrap.v2.Bootstrap.DynamicResources"; 74 75 reserved 4; 76 77 // All :ref:`Listeners <envoy_v3_api_msg_config.listener.v3.Listener>` are provided by a single 78 // :ref:`LDS <arch_overview_dynamic_config_lds>` configuration source. 79 core.v3.ConfigSource lds_config = 1; 80 81 // xdstp:// resource locator for listener collection. 82 // [#not-implemented-hide:] 83 string lds_resources_locator = 5; 84 85 // All post-bootstrap :ref:`Cluster <envoy_v3_api_msg_config.cluster.v3.Cluster>` definitions are 86 // provided by a single :ref:`CDS <arch_overview_dynamic_config_cds>` 87 // configuration source. 88 core.v3.ConfigSource cds_config = 2; 89 90 // xdstp:// resource locator for cluster collection. 91 // [#not-implemented-hide:] 92 string cds_resources_locator = 6; 93 94 // A single :ref:`ADS <config_overview_ads>` source may be optionally 95 // specified. This must have :ref:`api_type 96 // <envoy_v3_api_field_config.core.v3.ApiConfigSource.api_type>` :ref:`GRPC 97 // <envoy_v3_api_enum_value_config.core.v3.ApiConfigSource.ApiType.GRPC>`. Only 98 // :ref:`ConfigSources <envoy_v3_api_msg_config.core.v3.ConfigSource>` that have 99 // the :ref:`ads <envoy_v3_api_field_config.core.v3.ConfigSource.ads>` field set will be 100 // streamed on the ADS channel. 101 core.v3.ApiConfigSource ads_config = 3; 102 } 103 104 reserved 10, 11; 105 106 reserved "runtime"; 107 108 // Node identity to present to the management server and for instance 109 // identification purposes (e.g. in generated headers). 110 core.v3.Node node = 1; 111 112 // A list of :ref:`Node <envoy_v3_api_msg_config.core.v3.Node>` field names 113 // that will be included in the context parameters of the effective 114 // xdstp:// URL that is sent in a discovery request when resource 115 // locators are used for LDS/CDS. Any non-string field will have its JSON 116 // encoding set as the context parameter value, with the exception of 117 // metadata, which will be flattened (see example below). The supported field 118 // names are: 119 // - "cluster" 120 // - "id" 121 // - "locality.region" 122 // - "locality.sub_zone" 123 // - "locality.zone" 124 // - "metadata" 125 // - "user_agent_build_version.metadata" 126 // - "user_agent_build_version.version" 127 // - "user_agent_name" 128 // - "user_agent_version" 129 // 130 // The node context parameters act as a base layer dictionary for the context 131 // parameters (i.e. more specific resource specific context parameters will 132 // override). Field names will be prefixed with “udpa.node.” when included in 133 // context parameters. 134 // 135 // For example, if node_context_params is ``["user_agent_name", "metadata"]``, 136 // the implied context parameters might be:: 137 // 138 // node.user_agent_name: "envoy" 139 // node.metadata.foo: "{\"bar\": \"baz\"}" 140 // node.metadata.some: "42" 141 // node.metadata.thing: "\"thing\"" 142 // 143 // [#not-implemented-hide:] 144 repeated string node_context_params = 26; 145 146 // Statically specified resources. 147 StaticResources static_resources = 2; 148 149 // xDS configuration sources. 150 DynamicResources dynamic_resources = 3; 151 152 // Configuration for the cluster manager which owns all upstream clusters 153 // within the server. 154 ClusterManager cluster_manager = 4; 155 156 // Health discovery service config option. 157 // (:ref:`core.ApiConfigSource <envoy_v3_api_msg_config.core.v3.ApiConfigSource>`) 158 core.v3.ApiConfigSource hds_config = 14; 159 160 // Optional file system path to search for startup flag files. 161 string flags_path = 5; 162 163 // Optional set of stats sinks. 164 repeated metrics.v3.StatsSink stats_sinks = 6; 165 166 // Configuration for internal processing of stats. 167 metrics.v3.StatsConfig stats_config = 13; 168 169 // Optional duration between flushes to configured stats sinks. For 170 // performance reasons Envoy latches counters and only flushes counters and 171 // gauges at a periodic interval. If not specified the default is 5000ms (5 172 // seconds). Only one of ``stats_flush_interval`` or ``stats_flush_on_admin`` 173 // can be set. 174 // Duration must be at least 1ms and at most 5 min. 175 google.protobuf.Duration stats_flush_interval = 7 [ 176 (validate.rules).duration = { 177 lt {seconds: 300} 178 gte {nanos: 1000000} 179 }, 180 (udpa.annotations.field_migrate).oneof_promotion = "stats_flush" 181 ]; 182 183 oneof stats_flush { 184 // Flush stats to sinks only when queried for on the admin interface. If set, 185 // a flush timer is not created. Only one of ``stats_flush_on_admin`` or 186 // ``stats_flush_interval`` can be set. 187 bool stats_flush_on_admin = 29 [(validate.rules).bool = {const: true}]; 188 } 189 190 // Optional watchdog configuration. 191 // This is for a single watchdog configuration for the entire system. 192 // Deprecated in favor of ``watchdogs`` which has finer granularity. 193 Watchdog watchdog = 8 194 [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; 195 196 // Optional watchdogs configuration. 197 // This is used for specifying different watchdogs for the different subsystems. 198 // [#extension-category: envoy.guarddog_actions] 199 Watchdogs watchdogs = 27; 200 201 // Configuration for an external tracing provider. 202 // 203 // .. attention:: 204 // This field has been deprecated in favor of :ref:`HttpConnectionManager.Tracing.provider 205 // <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.Tracing.provider>`. 206 trace.v3.Tracing tracing = 9 207 [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; 208 209 // Configuration for the runtime configuration provider. If not 210 // specified, a “null” provider will be used which will result in all defaults 211 // being used. 212 LayeredRuntime layered_runtime = 17; 213 214 // Configuration for the local administration HTTP server. 215 Admin admin = 12; 216 217 // Optional overload manager configuration. 218 overload.v3.OverloadManager overload_manager = 15 [ 219 (udpa.annotations.security).configure_for_untrusted_downstream = true, 220 (udpa.annotations.security).configure_for_untrusted_upstream = true 221 ]; 222 223 // Enable :ref:`stats for event dispatcher <operations_performance>`, defaults to false. 224 // Note that this records a value for each iteration of the event loop on every thread. This 225 // should normally be minimal overhead, but when using 226 // :ref:`statsd <envoy_v3_api_msg_config.metrics.v3.StatsdSink>`, it will send each observed value 227 // over the wire individually because the statsd protocol doesn't have any way to represent a 228 // histogram summary. Be aware that this can be a very large volume of data. 229 bool enable_dispatcher_stats = 16; 230 231 // Optional string which will be used in lieu of x-envoy in prefixing headers. 232 // 233 // For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be 234 // transformed into x-foo-retry-on etc. 235 // 236 // Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the 237 // headers Envoy will trust for core code and core extensions only. Be VERY careful making 238 // changes to this string, especially in multi-layer Envoy deployments or deployments using 239 // extensions which are not upstream. 240 string header_prefix = 18; 241 242 // Optional proxy version which will be used to set the value of :ref:`server.version statistic 243 // <server_statistics>` if specified. Envoy will not process this value, it will be sent as is to 244 // :ref:`stats sinks <envoy_v3_api_msg_config.metrics.v3.StatsSink>`. 245 google.protobuf.UInt64Value stats_server_version_override = 19; 246 247 // Always use TCP queries instead of UDP queries for DNS lookups. 248 // This may be overridden on a per-cluster basis in cds_config, 249 // when :ref:`dns_resolvers <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolvers>` and 250 // :ref:`use_tcp_for_dns_lookups <envoy_v3_api_field_config.cluster.v3.Cluster.use_tcp_for_dns_lookups>` are 251 // specified. 252 // This field is deprecated in favor of ``dns_resolution_config`` 253 // which aggregates all of the DNS resolver configuration in a single message. 254 bool use_tcp_for_dns_lookups = 20 255 [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; 256 257 // DNS resolution configuration which includes the underlying dns resolver addresses and options. 258 // This may be overridden on a per-cluster basis in cds_config, when 259 // :ref:`dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>` 260 // is specified. 261 // This field is deprecated in favor of 262 // :ref:`typed_dns_resolver_config <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.typed_dns_resolver_config>`. 263 core.v3.DnsResolutionConfig dns_resolution_config = 30 264 [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; 265 266 // DNS resolver type configuration extension. This extension can be used to configure c-ares, apple, 267 // or any other DNS resolver types and the related parameters. 268 // For example, an object of 269 // :ref:`CaresDnsResolverConfig <envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>` 270 // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the 271 // :ref:`dns_resolution_config <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.dns_resolution_config>` 272 // configuration. 273 // During the transition period when both ``dns_resolution_config`` and ``typed_dns_resolver_config`` exists, 274 // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``. 275 // When ``typed_dns_resolver_config`` is missing, the default behavior is in place. 276 // [#extension-category: envoy.network.dns_resolver] 277 core.v3.TypedExtensionConfig typed_dns_resolver_config = 31; 278 279 // Specifies optional bootstrap extensions to be instantiated at startup time. 280 // Each item contains extension specific configuration. 281 // [#extension-category: envoy.bootstrap] 282 repeated core.v3.TypedExtensionConfig bootstrap_extensions = 21; 283 284 // Specifies optional extensions instantiated at startup time and 285 // invoked during crash time on the request that caused the crash. 286 repeated FatalAction fatal_actions = 28; 287 288 // Configuration sources that will participate in 289 // xdstp:// URL authority resolution. The algorithm is as 290 // follows: 291 // 1. The authority field is taken from the xdstp:// URL, call 292 // this ``resource_authority``. 293 // 2. ``resource_authority`` is compared against the authorities in any peer 294 // ``ConfigSource``. The peer ``ConfigSource`` is the configuration source 295 // message which would have been used unconditionally for resolution 296 // with opaque resource names. If there is a match with an authority, the 297 // peer ``ConfigSource`` message is used. 298 // 3. ``resource_authority`` is compared sequentially with the authorities in 299 // each configuration source in ``config_sources``. The first ``ConfigSource`` 300 // to match wins. 301 // 4. As a fallback, if no configuration source matches, then 302 // ``default_config_source`` is used. 303 // 5. If ``default_config_source`` is not specified, resolution fails. 304 // [#not-implemented-hide:] 305 repeated core.v3.ConfigSource config_sources = 22; 306 307 // Default configuration source for xdstp:// URLs if all 308 // other resolution fails. 309 // [#not-implemented-hide:] 310 core.v3.ConfigSource default_config_source = 23; 311 312 // Optional overriding of default socket interface. The value must be the name of one of the 313 // socket interface factories initialized through a bootstrap extension 314 string default_socket_interface = 24; 315 316 // Global map of CertificateProvider instances. These instances are referred to by name in the 317 // :ref:`CommonTlsContext.CertificateProviderInstance.instance_name 318 // <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance.instance_name>` 319 // field. 320 // [#not-implemented-hide:] 321 map<string, core.v3.TypedExtensionConfig> certificate_provider_instances = 25; 322 323 // Specifies a set of headers that need to be registered as inline header. This configuration 324 // allows users to customize the inline headers on-demand at Envoy startup without modifying 325 // Envoy's source code. 326 // 327 // Note that the 'set-cookie' header cannot be registered as inline header. 328 repeated CustomInlineHeader inline_headers = 32; 329 330 // Optional path to a file with performance tracing data created by "Perfetto" SDK in binary 331 // ProtoBuf format. The default value is "envoy.pftrace". 332 string perf_tracing_file_path = 33; 333 334 // Optional overriding of default regex engine. 335 // If the value is not specified, Google RE2 will be used by default. 336 // [#extension-category: envoy.regex_engines] 337 core.v3.TypedExtensionConfig default_regex_engine = 34; 338 339 // Optional XdsResourcesDelegate configuration, which allows plugging custom logic into both 340 // fetch and load events during xDS processing. 341 // If a value is not specified, no XdsResourcesDelegate will be used. 342 // TODO(abeyad): Add public-facing documentation. 343 // [#not-implemented-hide:] 344 core.v3.TypedExtensionConfig xds_delegate_extension = 35; 345 346 // Optional XdsConfigTracker configuration, which allows tracking xDS responses in external components, 347 // e.g., external tracer or monitor. It provides the process point when receive, ingest, or fail to 348 // process xDS resources and messages. If a value is not specified, no XdsConfigTracker will be used. 349 // 350 // .. note:: 351 // 352 // There are no in-repo extensions currently, and the :repo:`XdsConfigTracker <envoy/config/xds_config_tracker.h>` 353 // interface should be implemented before using. 354 // See :repo:`xds_config_tracker_integration_test <test/integration/xds_config_tracker_integration_test.cc>` 355 // for an example usage of the interface. 356 core.v3.TypedExtensionConfig xds_config_tracker_extension = 36; 357 358 // [#not-implemented-hide:] 359 // This controls the type of listener manager configured for Envoy. Currently 360 // Envoy only supports ListenerManager for this field and Envoy Mobile 361 // supports ApiListenerManager. 362 core.v3.TypedExtensionConfig listener_manager = 37; 363} 364 365// Administration interface :ref:`operations documentation 366// <operations_admin_interface>`. 367// [#next-free-field: 7] 368message Admin { 369 option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Admin"; 370 371 // Configuration for :ref:`access logs <arch_overview_access_logs>` 372 // emitted by the administration server. 373 repeated accesslog.v3.AccessLog access_log = 5; 374 375 // The path to write the access log for the administration server. If no 376 // access log is desired specify ‘/dev/null’. This is only required if 377 // :ref:`address <envoy_v3_api_field_config.bootstrap.v3.Admin.address>` is set. 378 // Deprecated in favor of ``access_log`` which offers more options. 379 string access_log_path = 1 380 [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; 381 382 // The cpu profiler output path for the administration server. If no profile 383 // path is specified, the default is ‘/var/log/envoy/envoy.prof’. 384 string profile_path = 2; 385 386 // The TCP address that the administration server will listen on. 387 // If not specified, Envoy will not start an administration server. 388 core.v3.Address address = 3; 389 390 // Additional socket options that may not be present in Envoy source code or 391 // precompiled binaries. 392 repeated core.v3.SocketOption socket_options = 4; 393 394 // Indicates whether :ref:`global_downstream_max_connections <config_overload_manager_limiting_connections>` 395 // should apply to the admin interface or not. 396 bool ignore_global_conn_limit = 6; 397} 398 399// Cluster manager :ref:`architecture overview <arch_overview_cluster_manager>`. 400message ClusterManager { 401 option (udpa.annotations.versioning).previous_message_type = 402 "envoy.config.bootstrap.v2.ClusterManager"; 403 404 message OutlierDetection { 405 option (udpa.annotations.versioning).previous_message_type = 406 "envoy.config.bootstrap.v2.ClusterManager.OutlierDetection"; 407 408 // Specifies the path to the outlier event log. 409 string event_log_path = 1; 410 411 // [#not-implemented-hide:] 412 // The gRPC service for the outlier detection event service. 413 // If empty, outlier detection events won't be sent to a remote endpoint. 414 core.v3.EventServiceConfig event_service = 2; 415 } 416 417 // Name of the local cluster (i.e., the cluster that owns the Envoy running 418 // this configuration). In order to enable :ref:`zone aware routing 419 // <arch_overview_load_balancing_zone_aware_routing>` this option must be set. 420 // If ``local_cluster_name`` is defined then :ref:`clusters 421 // <envoy_v3_api_msg_config.cluster.v3.Cluster>` must be defined in the :ref:`Bootstrap 422 // static cluster resources 423 // <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.StaticResources.clusters>`. This is unrelated to 424 // the :option:`--service-cluster` option which does not `affect zone aware 425 // routing <https://github.com/envoyproxy/envoy/issues/774>`_. 426 string local_cluster_name = 1; 427 428 // Optional global configuration for outlier detection. 429 OutlierDetection outlier_detection = 2; 430 431 // Optional configuration used to bind newly established upstream connections. 432 // This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config. 433 core.v3.BindConfig upstream_bind_config = 3; 434 435 // A management server endpoint to stream load stats to via 436 // ``StreamLoadStats``. This must have :ref:`api_type 437 // <envoy_v3_api_field_config.core.v3.ApiConfigSource.api_type>` :ref:`GRPC 438 // <envoy_v3_api_enum_value_config.core.v3.ApiConfigSource.ApiType.GRPC>`. 439 core.v3.ApiConfigSource load_stats_config = 4; 440} 441 442// Allows you to specify different watchdog configs for different subsystems. 443// This allows finer tuned policies for the watchdog. If a subsystem is omitted 444// the default values for that system will be used. 445message Watchdogs { 446 // Watchdog for the main thread. 447 Watchdog main_thread_watchdog = 1; 448 449 // Watchdog for the worker threads. 450 Watchdog worker_watchdog = 2; 451} 452 453// Envoy process watchdog configuration. When configured, this monitors for 454// nonresponsive threads and kills the process after the configured thresholds. 455// See the :ref:`watchdog documentation <operations_performance_watchdog>` for more information. 456// [#next-free-field: 8] 457message Watchdog { 458 option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Watchdog"; 459 460 message WatchdogAction { 461 // The events are fired in this order: KILL, MULTIKILL, MEGAMISS, MISS. 462 // Within an event type, actions execute in the order they are configured. 463 // For KILL/MULTIKILL there is a default PANIC that will run after the 464 // registered actions and kills the process if it wasn't already killed. 465 // It might be useful to specify several debug actions, and possibly an 466 // alternate FATAL action. 467 enum WatchdogEvent { 468 UNKNOWN = 0; 469 KILL = 1; 470 MULTIKILL = 2; 471 MEGAMISS = 3; 472 MISS = 4; 473 } 474 475 // Extension specific configuration for the action. 476 core.v3.TypedExtensionConfig config = 1; 477 478 WatchdogEvent event = 2 [(validate.rules).enum = {defined_only: true}]; 479 } 480 481 // Register actions that will fire on given WatchDog events. 482 // See ``WatchDogAction`` for priority of events. 483 repeated WatchdogAction actions = 7; 484 485 // The duration after which Envoy counts a nonresponsive thread in the 486 // ``watchdog_miss`` statistic. If not specified the default is 200ms. 487 google.protobuf.Duration miss_timeout = 1; 488 489 // The duration after which Envoy counts a nonresponsive thread in the 490 // ``watchdog_mega_miss`` statistic. If not specified the default is 491 // 1000ms. 492 google.protobuf.Duration megamiss_timeout = 2; 493 494 // If a watched thread has been nonresponsive for this duration, assume a 495 // programming error and kill the entire Envoy process. Set to 0 to disable 496 // kill behavior. If not specified the default is 0 (disabled). 497 google.protobuf.Duration kill_timeout = 3; 498 499 // Defines the maximum jitter used to adjust the ``kill_timeout`` if ``kill_timeout`` is 500 // enabled. Enabling this feature would help to reduce risk of synchronized 501 // watchdog kill events across proxies due to external triggers. Set to 0 to 502 // disable. If not specified the default is 0 (disabled). 503 google.protobuf.Duration max_kill_timeout_jitter = 6 [(validate.rules).duration = {gte {}}]; 504 505 // If ``max(2, ceil(registered_threads * Fraction(*multikill_threshold*)))`` 506 // threads have been nonresponsive for at least this duration kill the entire 507 // Envoy process. Set to 0 to disable this behavior. If not specified the 508 // default is 0 (disabled). 509 google.protobuf.Duration multikill_timeout = 4; 510 511 // Sets the threshold for ``multikill_timeout`` in terms of the percentage of 512 // nonresponsive threads required for the ``multikill_timeout``. 513 // If not specified the default is 0. 514 type.v3.Percent multikill_threshold = 5; 515} 516 517// Fatal actions to run while crashing. Actions can be safe (meaning they are 518// async-signal safe) or unsafe. We run all safe actions before we run unsafe actions. 519// If using an unsafe action that could get stuck or deadlock, it important to 520// have an out of band system to terminate the process. 521// 522// The interface for the extension is ``Envoy::Server::Configuration::FatalAction``. 523// ``FatalAction`` extensions live in the ``envoy.extensions.fatal_actions`` API 524// namespace. 525message FatalAction { 526 // Extension specific configuration for the action. It's expected to conform 527 // to the ``Envoy::Server::Configuration::FatalAction`` interface. 528 core.v3.TypedExtensionConfig config = 1; 529} 530 531// Runtime :ref:`configuration overview <config_runtime>` (deprecated). 532message Runtime { 533 option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Runtime"; 534 535 // The implementation assumes that the file system tree is accessed via a 536 // symbolic link. An atomic link swap is used when a new tree should be 537 // switched to. This parameter specifies the path to the symbolic link. Envoy 538 // will watch the location for changes and reload the file system tree when 539 // they happen. If this parameter is not set, there will be no disk based 540 // runtime. 541 string symlink_root = 1; 542 543 // Specifies the subdirectory to load within the root directory. This is 544 // useful if multiple systems share the same delivery mechanism. Envoy 545 // configuration elements can be contained in a dedicated subdirectory. 546 string subdirectory = 2; 547 548 // Specifies an optional subdirectory to load within the root directory. If 549 // specified and the directory exists, configuration values within this 550 // directory will override those found in the primary subdirectory. This is 551 // useful when Envoy is deployed across many different types of servers. 552 // Sometimes it is useful to have a per service cluster directory for runtime 553 // configuration. See below for exactly how the override directory is used. 554 string override_subdirectory = 3; 555 556 // Static base runtime. This will be :ref:`overridden 557 // <config_runtime_layering>` by other runtime layers, e.g. 558 // disk or admin. This follows the :ref:`runtime protobuf JSON representation 559 // encoding <config_runtime_proto_json>`. 560 google.protobuf.Struct base = 4; 561} 562 563// [#next-free-field: 6] 564message RuntimeLayer { 565 option (udpa.annotations.versioning).previous_message_type = 566 "envoy.config.bootstrap.v2.RuntimeLayer"; 567 568 // :ref:`Disk runtime <config_runtime_local_disk>` layer. 569 message DiskLayer { 570 option (udpa.annotations.versioning).previous_message_type = 571 "envoy.config.bootstrap.v2.RuntimeLayer.DiskLayer"; 572 573 // The implementation assumes that the file system tree is accessed via a 574 // symbolic link. An atomic link swap is used when a new tree should be 575 // switched to. This parameter specifies the path to the symbolic link. 576 // Envoy will watch the location for changes and reload the file system tree 577 // when they happen. See documentation on runtime :ref:`atomicity 578 // <config_runtime_atomicity>` for further details on how reloads are 579 // treated. 580 string symlink_root = 1; 581 582 // Specifies the subdirectory to load within the root directory. This is 583 // useful if multiple systems share the same delivery mechanism. Envoy 584 // configuration elements can be contained in a dedicated subdirectory. 585 string subdirectory = 3; 586 587 // :ref:`Append <config_runtime_local_disk_service_cluster_subdirs>` the 588 // service cluster to the path under symlink root. 589 bool append_service_cluster = 2; 590 } 591 592 // :ref:`Admin console runtime <config_runtime_admin>` layer. 593 message AdminLayer { 594 option (udpa.annotations.versioning).previous_message_type = 595 "envoy.config.bootstrap.v2.RuntimeLayer.AdminLayer"; 596 } 597 598 // :ref:`Runtime Discovery Service (RTDS) <config_runtime_rtds>` layer. 599 message RtdsLayer { 600 option (udpa.annotations.versioning).previous_message_type = 601 "envoy.config.bootstrap.v2.RuntimeLayer.RtdsLayer"; 602 603 // Resource to subscribe to at ``rtds_config`` for the RTDS layer. 604 string name = 1; 605 606 // RTDS configuration source. 607 core.v3.ConfigSource rtds_config = 2; 608 } 609 610 // Descriptive name for the runtime layer. This is only used for the runtime 611 // :http:get:`/runtime` output. 612 string name = 1 [(validate.rules).string = {min_len: 1}]; 613 614 oneof layer_specifier { 615 option (validate.required) = true; 616 617 // :ref:`Static runtime <config_runtime_bootstrap>` layer. 618 // This follows the :ref:`runtime protobuf JSON representation encoding 619 // <config_runtime_proto_json>`. Unlike static xDS resources, this static 620 // layer is overridable by later layers in the runtime virtual filesystem. 621 google.protobuf.Struct static_layer = 2; 622 623 DiskLayer disk_layer = 3; 624 625 AdminLayer admin_layer = 4; 626 627 RtdsLayer rtds_layer = 5; 628 } 629} 630 631// Runtime :ref:`configuration overview <config_runtime>`. 632message LayeredRuntime { 633 option (udpa.annotations.versioning).previous_message_type = 634 "envoy.config.bootstrap.v2.LayeredRuntime"; 635 636 // The :ref:`layers <config_runtime_layering>` of the runtime. This is ordered 637 // such that later layers in the list overlay earlier entries. 638 repeated RuntimeLayer layers = 1; 639} 640 641// Used to specify the header that needs to be registered as an inline header. 642// 643// If request or response contain multiple headers with the same name and the header 644// name is registered as an inline header. Then multiple headers will be folded 645// into one, and multiple header values will be concatenated by a suitable delimiter. 646// The delimiter is generally a comma. 647// 648// For example, if 'foo' is registered as an inline header, and the headers contains 649// the following two headers: 650// 651// .. code-block:: text 652// 653// foo: bar 654// foo: eep 655// 656// Then they will eventually be folded into: 657// 658// .. code-block:: text 659// 660// foo: bar, eep 661// 662// Inline headers provide O(1) search performance, but each inline header imposes 663// an additional memory overhead on all instances of the corresponding type of 664// HeaderMap or TrailerMap. 665message CustomInlineHeader { 666 enum InlineHeaderType { 667 REQUEST_HEADER = 0; 668 REQUEST_TRAILER = 1; 669 RESPONSE_HEADER = 2; 670 RESPONSE_TRAILER = 3; 671 } 672 673 // The name of the header that is expected to be set as the inline header. 674 string inline_header_name = 1 675 [(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; 676 677 // The type of the header that is expected to be set as the inline header. 678 InlineHeaderType inline_header_type = 2 [(validate.rules).enum = {defined_only: true}]; 679} 680