1syntax = "proto3";
2
3package envoy.service.discovery.v3;
4
5import "envoy/config/core/v3/base.proto";
6
7import "google/protobuf/any.proto";
8import "google/protobuf/duration.proto";
9import "google/rpc/status.proto";
10
11import "udpa/annotations/status.proto";
12import "udpa/annotations/versioning.proto";
13import "validate/validate.proto";
14
15option java_package = "io.envoyproxy.envoy.service.discovery.v3";
16option java_outer_classname = "DiscoveryProto";
17option java_multiple_files = true;
18option go_package = "github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3;discoveryv3";
19option (udpa.annotations.file_status).package_version_status = ACTIVE;
20
21// [#protodoc-title: Common discovery API components]
22
23// Specifies a resource to be subscribed to.
24message ResourceLocator {
25  // The resource name to subscribe to.
26  string name = 1;
27
28  // A set of dynamic parameters used to match against the dynamic parameter
29  // constraints on the resource. This allows clients to select between
30  // multiple variants of the same resource.
31  map<string, string> dynamic_parameters = 2;
32}
33
34// Specifies a concrete resource name.
35message ResourceName {
36  // The name of the resource.
37  string name = 1;
38
39  // Dynamic parameter constraints associated with this resource. To be used by client-side caches
40  // (including xDS proxies) when matching subscribed resource locators.
41  DynamicParameterConstraints dynamic_parameter_constraints = 2;
42}
43
44// A DiscoveryRequest requests a set of versioned resources of the same type for
45// a given Envoy node on some API.
46// [#next-free-field: 8]
47message DiscoveryRequest {
48  option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DiscoveryRequest";
49
50  // The version_info provided in the request messages will be the version_info
51  // received with the most recent successfully processed response or empty on
52  // the first request. It is expected that no new request is sent after a
53  // response is received until the Envoy instance is ready to ACK/NACK the new
54  // configuration. ACK/NACK takes place by returning the new API config version
55  // as applied or the previous API config version respectively. Each type_url
56  // (see below) has an independent version associated with it.
57  string version_info = 1;
58
59  // The node making the request.
60  config.core.v3.Node node = 2;
61
62  // List of resources to subscribe to, e.g. list of cluster names or a route
63  // configuration name. If this is empty, all resources for the API are
64  // returned. LDS/CDS may have empty resource_names, which will cause all
65  // resources for the Envoy instance to be returned. The LDS and CDS responses
66  // will then imply a number of resources that need to be fetched via EDS/RDS,
67  // which will be explicitly enumerated in resource_names.
68  repeated string resource_names = 3;
69
70  // [#not-implemented-hide:]
71  // Alternative to ``resource_names`` field that allows specifying dynamic
72  // parameters along with each resource name. Clients that populate this
73  // field must be able to handle responses from the server where resources
74  // are wrapped in a Resource message.
75  // Note that it is legal for a request to have some resources listed
76  // in ``resource_names`` and others in ``resource_locators``.
77  repeated ResourceLocator resource_locators = 7;
78
79  // Type of the resource that is being requested, e.g.
80  // "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This is implicit
81  // in requests made via singleton xDS APIs such as CDS, LDS, etc. but is
82  // required for ADS.
83  string type_url = 4;
84
85  // nonce corresponding to DiscoveryResponse being ACK/NACKed. See above
86  // discussion on version_info and the DiscoveryResponse nonce comment. This
87  // may be empty only if 1) this is a non-persistent-stream xDS such as HTTP,
88  // or 2) the client has not yet accepted an update in this xDS stream (unlike
89  // delta, where it is populated only for new explicit ACKs).
90  string response_nonce = 5;
91
92  // This is populated when the previous :ref:`DiscoveryResponse <envoy_v3_api_msg_service.discovery.v3.DiscoveryResponse>`
93  // failed to update configuration. The ``message`` field in ``error_details`` provides the Envoy
94  // internal exception related to the failure. It is only intended for consumption during manual
95  // debugging, the string provided is not guaranteed to be stable across Envoy versions.
96  google.rpc.Status error_detail = 6;
97}
98
99// [#next-free-field: 7]
100message DiscoveryResponse {
101  option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DiscoveryResponse";
102
103  // The version of the response data.
104  string version_info = 1;
105
106  // The response resources. These resources are typed and depend on the API being called.
107  repeated google.protobuf.Any resources = 2;
108
109  // [#not-implemented-hide:]
110  // Canary is used to support two Envoy command line flags:
111  //
112  // * --terminate-on-canary-transition-failure. When set, Envoy is able to
113  //   terminate if it detects that configuration is stuck at canary. Consider
114  //   this example sequence of updates:
115  //   - Management server applies a canary config successfully.
116  //   - Management server rolls back to a production config.
117  //   - Envoy rejects the new production config.
118  //   Since there is no sensible way to continue receiving configuration
119  //   updates, Envoy will then terminate and apply production config from a
120  //   clean slate.
121  // * --dry-run-canary. When set, a canary response will never be applied, only
122  //   validated via a dry run.
123  bool canary = 3;
124
125  // Type URL for resources. Identifies the xDS API when muxing over ADS.
126  // Must be consistent with the type_url in the 'resources' repeated Any (if non-empty).
127  string type_url = 4;
128
129  // For gRPC based subscriptions, the nonce provides a way to explicitly ack a
130  // specific DiscoveryResponse in a following DiscoveryRequest. Additional
131  // messages may have been sent by Envoy to the management server for the
132  // previous version on the stream prior to this DiscoveryResponse, that were
133  // unprocessed at response send time. The nonce allows the management server
134  // to ignore any further DiscoveryRequests for the previous version until a
135  // DiscoveryRequest bearing the nonce. The nonce is optional and is not
136  // required for non-stream based xDS implementations.
137  string nonce = 5;
138
139  // The control plane instance that sent the response.
140  config.core.v3.ControlPlane control_plane = 6;
141}
142
143// DeltaDiscoveryRequest and DeltaDiscoveryResponse are used in a new gRPC
144// endpoint for Delta xDS.
145//
146// With Delta xDS, the DeltaDiscoveryResponses do not need to include a full
147// snapshot of the tracked resources. Instead, DeltaDiscoveryResponses are a
148// diff to the state of a xDS client.
149// In Delta XDS there are per-resource versions, which allow tracking state at
150// the resource granularity.
151// An xDS Delta session is always in the context of a gRPC bidirectional
152// stream. This allows the xDS server to keep track of the state of xDS clients
153// connected to it.
154//
155// In Delta xDS the nonce field is required and used to pair
156// DeltaDiscoveryResponse to a DeltaDiscoveryRequest ACK or NACK.
157// Optionally, a response message level system_version_info is present for
158// debugging purposes only.
159//
160// DeltaDiscoveryRequest plays two independent roles. Any DeltaDiscoveryRequest
161// can be either or both of: [1] informing the server of what resources the
162// client has gained/lost interest in (using resource_names_subscribe and
163// resource_names_unsubscribe), or [2] (N)ACKing an earlier resource update from
164// the server (using response_nonce, with presence of error_detail making it a NACK).
165// Additionally, the first message (for a given type_url) of a reconnected gRPC stream
166// has a third role: informing the server of the resources (and their versions)
167// that the client already possesses, using the initial_resource_versions field.
168//
169// As with state-of-the-world, when multiple resource types are multiplexed (ADS),
170// all requests/acknowledgments/updates are logically walled off by type_url:
171// a Cluster ACK exists in a completely separate world from a prior Route NACK.
172// In particular, initial_resource_versions being sent at the "start" of every
173// gRPC stream actually entails a message for each type_url, each with its own
174// initial_resource_versions.
175// [#next-free-field: 10]
176message DeltaDiscoveryRequest {
177  option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DeltaDiscoveryRequest";
178
179  // The node making the request.
180  config.core.v3.Node node = 1;
181
182  // Type of the resource that is being requested, e.g.
183  // ``type.googleapis.com/envoy.api.v2.ClusterLoadAssignment``. This does not need to be set if
184  // resources are only referenced via ``xds_resource_subscribe`` and
185  // ``xds_resources_unsubscribe``.
186  string type_url = 2;
187
188  // DeltaDiscoveryRequests allow the client to add or remove individual
189  // resources to the set of tracked resources in the context of a stream.
190  // All resource names in the resource_names_subscribe list are added to the
191  // set of tracked resources and all resource names in the resource_names_unsubscribe
192  // list are removed from the set of tracked resources.
193  //
194  // *Unlike* state-of-the-world xDS, an empty resource_names_subscribe or
195  // resource_names_unsubscribe list simply means that no resources are to be
196  // added or removed to the resource list.
197  // *Like* state-of-the-world xDS, the server must send updates for all tracked
198  // resources, but can also send updates for resources the client has not subscribed to.
199  //
200  // NOTE: the server must respond with all resources listed in resource_names_subscribe,
201  // even if it believes the client has the most recent version of them. The reason:
202  // the client may have dropped them, but then regained interest before it had a chance
203  // to send the unsubscribe message. See DeltaSubscriptionStateTest.RemoveThenAdd.
204  //
205  // These two fields can be set in any DeltaDiscoveryRequest, including ACKs
206  // and initial_resource_versions.
207  //
208  // A list of Resource names to add to the list of tracked resources.
209  repeated string resource_names_subscribe = 3;
210
211  // A list of Resource names to remove from the list of tracked resources.
212  repeated string resource_names_unsubscribe = 4;
213
214  // [#not-implemented-hide:]
215  // Alternative to ``resource_names_subscribe`` field that allows specifying dynamic parameters
216  // along with each resource name.
217  // Note that it is legal for a request to have some resources listed
218  // in ``resource_names_subscribe`` and others in ``resource_locators_subscribe``.
219  repeated ResourceLocator resource_locators_subscribe = 8;
220
221  // [#not-implemented-hide:]
222  // Alternative to ``resource_names_unsubscribe`` field that allows specifying dynamic parameters
223  // along with each resource name.
224  // Note that it is legal for a request to have some resources listed
225  // in ``resource_names_unsubscribe`` and others in ``resource_locators_unsubscribe``.
226  repeated ResourceLocator resource_locators_unsubscribe = 9;
227
228  // Informs the server of the versions of the resources the xDS client knows of, to enable the
229  // client to continue the same logical xDS session even in the face of gRPC stream reconnection.
230  // It will not be populated: [1] in the very first stream of a session, since the client will
231  // not yet have any resources,  [2] in any message after the first in a stream (for a given
232  // type_url), since the server will already be correctly tracking the client's state.
233  // (In ADS, the first message *of each type_url* of a reconnected stream populates this map.)
234  // The map's keys are names of xDS resources known to the xDS client.
235  // The map's values are opaque resource versions.
236  map<string, string> initial_resource_versions = 5;
237
238  // When the DeltaDiscoveryRequest is a ACK or NACK message in response
239  // to a previous DeltaDiscoveryResponse, the response_nonce must be the
240  // nonce in the DeltaDiscoveryResponse.
241  // Otherwise (unlike in DiscoveryRequest) response_nonce must be omitted.
242  string response_nonce = 6;
243
244  // This is populated when the previous :ref:`DiscoveryResponse <envoy_v3_api_msg_service.discovery.v3.DiscoveryResponse>`
245  // failed to update configuration. The ``message`` field in ``error_details``
246  // provides the Envoy internal exception related to the failure.
247  google.rpc.Status error_detail = 7;
248}
249
250// [#next-free-field: 9]
251message DeltaDiscoveryResponse {
252  option (udpa.annotations.versioning).previous_message_type =
253      "envoy.api.v2.DeltaDiscoveryResponse";
254
255  // The version of the response data (used for debugging).
256  string system_version_info = 1;
257
258  // The response resources. These are typed resources, whose types must match
259  // the type_url field.
260  repeated Resource resources = 2;
261
262  // field id 3 IS available!
263
264  // Type URL for resources. Identifies the xDS API when muxing over ADS.
265  // Must be consistent with the type_url in the Any within 'resources' if 'resources' is non-empty.
266  string type_url = 4;
267
268  // Resources names of resources that have be deleted and to be removed from the xDS Client.
269  // Removed resources for missing resources can be ignored.
270  repeated string removed_resources = 6;
271
272  // Alternative to removed_resources that allows specifying which variant of
273  // a resource is being removed. This variant must be used for any resource
274  // for which dynamic parameter constraints were sent to the client.
275  repeated ResourceName removed_resource_names = 8;
276
277  // The nonce provides a way for DeltaDiscoveryRequests to uniquely
278  // reference a DeltaDiscoveryResponse when (N)ACKing. The nonce is required.
279  string nonce = 5;
280
281  // [#not-implemented-hide:]
282  // The control plane instance that sent the response.
283  config.core.v3.ControlPlane control_plane = 7;
284}
285
286// A set of dynamic parameter constraints associated with a variant of an individual xDS resource.
287// These constraints determine whether the resource matches a subscription based on the set of
288// dynamic parameters in the subscription, as specified in the
289// :ref:`ResourceLocator.dynamic_parameters<envoy_v3_api_field_service.discovery.v3.ResourceLocator.dynamic_parameters>`
290// field. This allows xDS implementations (clients, servers, and caching proxies) to determine
291// which variant of a resource is appropriate for a given client.
292message DynamicParameterConstraints {
293  // A single constraint for a given key.
294  message SingleConstraint {
295    message Exists {
296    }
297
298    // The key to match against.
299    string key = 1;
300
301    oneof constraint_type {
302      option (validate.required) = true;
303
304      // Matches this exact value.
305      string value = 2;
306
307      // Key is present (matches any value except for the key being absent).
308      // This allows setting a default constraint for clients that do
309      // not send a key at all, while there may be other clients that need
310      // special configuration based on that key.
311      Exists exists = 3;
312    }
313  }
314
315  message ConstraintList {
316    repeated DynamicParameterConstraints constraints = 1;
317  }
318
319  oneof type {
320    // A single constraint to evaluate.
321    SingleConstraint constraint = 1;
322
323    // A list of constraints that match if any one constraint in the list
324    // matches.
325    ConstraintList or_constraints = 2;
326
327    // A list of constraints that must all match.
328    ConstraintList and_constraints = 3;
329
330    // The inverse (NOT) of a set of constraints.
331    DynamicParameterConstraints not_constraints = 4;
332  }
333}
334
335// [#next-free-field: 10]
336message Resource {
337  option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Resource";
338
339  // Cache control properties for the resource.
340  // [#not-implemented-hide:]
341  message CacheControl {
342    // If true, xDS proxies may not cache this resource.
343    // Note that this does not apply to clients other than xDS proxies, which must cache resources
344    // for their own use, regardless of the value of this field.
345    bool do_not_cache = 1;
346  }
347
348  // The resource's name, to distinguish it from others of the same type of resource.
349  // Only one of ``name`` or ``resource_name`` may be set.
350  string name = 3;
351
352  // Alternative to the ``name`` field, to be used when the server supports
353  // multiple variants of the named resource that are differentiated by
354  // dynamic parameter constraints.
355  // Only one of ``name`` or ``resource_name`` may be set.
356  ResourceName resource_name = 8;
357
358  // The aliases are a list of other names that this resource can go by.
359  repeated string aliases = 4;
360
361  // The resource level version. It allows xDS to track the state of individual
362  // resources.
363  string version = 1;
364
365  // The resource being tracked.
366  google.protobuf.Any resource = 2;
367
368  // Time-to-live value for the resource. For each resource, a timer is started. The timer is
369  // reset each time the resource is received with a new TTL. If the resource is received with
370  // no TTL set, the timer is removed for the resource. Upon expiration of the timer, the
371  // configuration for the resource will be removed.
372  //
373  // The TTL can be refreshed or changed by sending a response that doesn't change the resource
374  // version. In this case the resource field does not need to be populated, which allows for
375  // light-weight "heartbeat" updates to keep a resource with a TTL alive.
376  //
377  // The TTL feature is meant to support configurations that should be removed in the event of
378  // a management server failure. For example, the feature may be used for fault injection
379  // testing where the fault injection should be terminated in the event that Envoy loses contact
380  // with the management server.
381  google.protobuf.Duration ttl = 6;
382
383  // Cache control properties for the resource.
384  // [#not-implemented-hide:]
385  CacheControl cache_control = 7;
386
387  // The Metadata field can be used to provide additional information for the resource.
388  // E.g. the trace data for debugging.
389  config.core.v3.Metadata metadata = 9;
390}
391