From b89d33c2e3b6d6015c875ef01609e0a99edbdea2 Mon Sep 17 00:00:00 2001 From: Melisa Griffin Date: Fri, 8 Sep 2023 10:02:04 -0400 Subject: [PATCH] Adds PassiveHealthCheck Fields to ServiceDefaults and IngressGateway (#18532) Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- .../config-entries/ingress-gateway.mdx | 133 ++++---- .../config-entries/service-defaults.mdx | 287 +++++++++--------- 2 files changed, 226 insertions(+), 194 deletions(-) diff --git a/website/content/docs/connect/config-entries/ingress-gateway.mdx b/website/content/docs/connect/config-entries/ingress-gateway.mdx index e4dac5beb0a8a..dc41f134c44b7 100644 --- a/website/content/docs/connect/config-entries/ingress-gateway.mdx +++ b/website/content/docs/connect/config-entries/ingress-gateway.mdx @@ -42,9 +42,11 @@ The following list describes the configuration hierarchy, language-specific data - [`MaxPendingRequests`](#defaults-maxpendingrequests): number - [`MaxConcurrentRequests`](#defaults-maxconcurrentrequests): number - [`PassiveHealthCheck`](#defaults-passivehealthcheck): map - - [`interval`](#defaults-passivehealthcheck): number - - [`max_failures`](#defaults-passivehealthcheck): number - - [`enforcing_consecutive_5xx`](#defaults-passivehealthcheck): number + - [`Interval`](#defaults-passivehealthcheck): number + - [`MaxFailures`](#defaults-passivehealthcheck): number + - [`EnforcingConsecutive5xx`](#defaults-passivehealthcheck): number + - [`MaxEjectionPercent`](#defaults-passivehealthcheck): number + - [`BaseEjectionTime`](#defaults-passivehealthcheck): string - [`Listeners`](#listeners): list of maps - [`Port`](#listeners-port): number | `0` - [`Protocol`](#listeners-protocol): number | `tcp` @@ -69,9 +71,11 @@ The following list describes the configuration hierarchy, language-specific data - [`MaxPendingRequests`](#listeners-services-maxconnections): number | `0` - [`MaxConcurrentRequests`](#listeners-services-maxconnections): number | `0` - [`PassiveHealthCheck`](#listeners-services-passivehealthcheck): map - - [`interval`](#listeners-services-passivehealthcheck): number - - [`max_failures`](#listeners-services-passivehealthcheck): number - - [`enforcing_consecutive_5xx`](#listeners-services-passivehealthcheck): number + - [`Interval`](#listeners-services-passivehealthcheck): number + - [`MaxFailures`](#listeners-services-passivehealthcheck): number + - [`EnforcingConsecutive5xx`](#listeners-services-passivehealthcheck): number + - [`MaxEjectionPercent`](#listeners-services-passivehealthcheck): number + - [`BaseEjectionTime`](#listeners-services-passivehealthcheck): string - [`TLS`](#listeners-tls): map - [`Enabled`](#listeners-tls-enabled): boolean | `false` - [`TLSMinVersion`](#listeners-tls-tlsminversion): string | `TLSv1_2` @@ -104,9 +108,11 @@ The following list describes the configuration hierarchy, language-specific data - [`maxPendingRequests`](#spec-defaults-maxpendingrequests): number - [`maxConcurrentRequests`](#spec-defaults-maxconcurrentrequests): number - [`passiveHealthCheck`](#spec-defaults-passivehealthcheck): map - - [`interval`](#spec-defaults-passivehealthcheck): number | no proxy's default value - - [`max_failures`](#spec-defaults-passivehealthcheck): number | no proxy's default value - - [`enforcing_consecutive_5xx`](#spec-defaults-passivehealthcheck): number | proxy's default value + - [`interval`](#spec-defaults-passivehealthcheck): string + - [`maxFailures`](#spec-defaults-passivehealthcheck): integer + - [`enforcingConsecutive5xx`](#spec-defaults-passivehealthcheck): number + - [`maxEjectionPercent`](#spec-defaults-passivehealthcheck): number + - [`baseEjectionTime`](#spec-defaults-passivehealthcheck): string - [`listeners`](#spec-listeners): list of maps - [`port`](#spec-listeners-port): number | `0` - [`protocol`](#spec-listeners-protocol): number | `tcp` @@ -131,9 +137,11 @@ The following list describes the configuration hierarchy, language-specific data - [`maxPendingRequests`](#spec-listeners-services-maxconnections): number | `0` - [`maxConcurrentRequests`](#spec-listeners-services-maxconnections): number | `0` - [`passiveHealthCheck`](#spec-listeners-services-passivehealthcheck): map - - [`interval`](#spec-listeners-services-passivehealthcheck): number - - [`max_failures`](#spec-listeners-services-passivehealthcheck): number - - [`enforcing_consecutive_5xx`](#spec-listeners-services-passivehealthcheck): number + - [`interval`](#spec-listeners-services-passivehealthcheck): string + - [`maxFailures`](#spec-listeners-services-passivehealthcheck): number + - [`enforcingConsecutive5xx`](#spec-listeners-services-passivehealthcheck): number + - [`maxEjectionPercent`](#spec-listeners-services-passivehealthcheck): integer + - [`baseEjectionTime`](#spec-listeners-services-passivehealthcheck): string - [`tls`](#spec-listeners-tls): map - [`enabled`](#spec-listeners-tls-enabled): boolean | `false` - [`tlsMinVersion`](#spec-listeners-tls-tlsminversion): string | `TLSv1_2` @@ -176,13 +184,15 @@ TLS = { } } Defaults = { - MaxConnections = 0 - MaxPendingRequests = 0 - MaxConcurrentRequests = 0 + MaxConnections = + MaxPendingRequests = + MaxConcurrentRequests = PassiveHealthCheck = { - interval = 10 - max_failures = 5 - enforcing_consecutive_5xx = 100 + Interval = "" + MaxFailures = + EnforcingConsecutive5xx = + MaxEjectionPercent = + BaseEjectionTime = "" } } Listeners = [ @@ -229,9 +239,11 @@ Listeners = [ MaxPendingRequests = MaxConcurrentRequests = PassiveHealthCheck = { - interval = 10 - max_failures = 5 - enforcing_consecutive_5xx = 100 + Interval = "" + MaxFailures = + EnforcingConsecutive5xx = + MaxEjectionPercent = + BaseEjectionTime = "" } }] TLS = { @@ -271,13 +283,15 @@ spec: clusterName: certResource: defaults: - maxConnections: 0 - maxPendingRequests: 0 - maxConcurrentRequests: 0 + maxConnections: + maxPendingRequests: + maxConcurrentRequests: passiveHealthCheck: - interval: 10 - max_failures: 5 - enforcing_consecutive_5xx: 100 + interval: "" + maxFailures: + enforcingConsecutive5xx: + maxEjectionPercent: + baseEjectionTime: "" listeners: - port: 0 protocol: tcp @@ -292,7 +306,7 @@ spec: requestHeaderName: set: requestHeaderName: - remove: + remove: - responseHeaders: add: @@ -309,9 +323,11 @@ spec: maxPendingRequests: maxConcurrentRequests: passiveHealthCheck: - interval: 10 - max_failures: 5 - enforcing_consecutive_5xx: 100 + interval: "" + maxFailures: + enforcingConsecutive5xx: + maxEjectionPercent: + baseEjectionTime: "" tls: enabled: false tlsMinVersion: TLSv1_2 @@ -349,13 +365,15 @@ spec: } }, "Defaults" : { - "MaxConnections" : 0, - "MaxPendingRequests" : 0, - "MaxConcurrentRequests": 0, + "MaxConnections" : , + "MaxPendingRequests" : , + "MaxConcurrentRequests": , "PassiveHealthCheck" : { - "interval" : 10, - "max_failures" : 5, - "enforcing_consecutive_5xx" : 100 + "interval": ", + "maxFailures": , + "enforcingConsecutive5xx":, + "maxEjectionPercent": , + "baseEjectionTime": "" } }, "Listeners" : [ @@ -402,10 +420,11 @@ spec: "MaxPendingRequests" : , "MaxConcurrentRequests" : , "PassiveHealthCheck" : { - "interval" : 10, - "max_failures" : 5, - "enforcing_consecutive_5xx" : 100 - } + "interval": ", + "maxFailures": , + "enforcingConsecutive5xx":, + "maxEjectionPercent": , + "baseEjectionTime": "" } ], "TLS" : { @@ -632,9 +651,11 @@ The following table describes the configurations for passive health checks: | Parameter | Description | Data type | Default | | --- | --- | --- | --- | -| `interval` | Specifies the time in nanoseconds between checks. | Integer | Proxy's default configuration, which is `10` for Envoy | -| `max_failures` | Specifies the number of consecutive failures that cause a host to be removed from the upstream cluster. | Integer | Proxy's default configuration, which is `5` for Envoy | -| `enforcing_consecutive_5xx` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | Integer | Proxy's default configuration, which is `100` for Envoy | + | `Interval` | Specifies the time between checks. | string | `0s` | + | `MaxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | integer | `0` | + | `EnforcingConsecutive5xx` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | integer | `100` | + | `MaxEjectionPercent` | Specifies the maximum percentage of an upstream cluster that Consul ejects when the proxy reports an outlier. Consul ejects at least one host when an outlier is detected regardless of the value. | integer | `10` | + | `BaseEjectionTime` | Specifies the minimum amount of time that an ejected host must remain outside the cluster before rejoining. The real time is equal to the value of the `BaseEjectionTime` multiplied by the number of times the host has been ejected. | string | `30s` | ### `Listeners[]` @@ -867,9 +888,11 @@ The following table describes the configurations for passive health checks: | Parameter | Description | Data type | Default | | --- | --- | --- | --- | -| `interval` | Specifies the time in nanoseconds between checks. | Integer | Proxy's default configuration, which is `10` for Envoy | -| `max_failures` | Specifies the number of consecutive failures that cause a host to be removed from the upstream cluster. | Integer | Proxy's default configuration, which is `5` for Envoy | -| `enforcing_consecutive_5xx` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | Integer | Proxy's default configuration, which is `100` for Envoy | + | `Interval` | Specifies the time between checks. | string | `0s` | + | `MaxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | integer | `0` | + | `EnforcingConsecutive5xx` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | integer | `100` | + | `MaxEjectionPercent` | Specifies the maximum percentage of an upstream cluster that Consul ejects when the proxy reports an outlier. Consul ejects at least one host when an outlier is detected regardless of the value. | integer | `10` | + | `BaseEjectionTime` | Specifies the minimum amount of time that an ejected host must remain outside the cluster before rejoining. The real time is equal to the value of the `BaseEjectionTime` multiplied by the number of times the host has been ejected. | string | `30s` | ### `Listeners[].TLS` @@ -1163,9 +1186,11 @@ The following table describes the configurations for passive health checks: | Parameter | Description | Data type | Default | | --- | --- | --- | --- | -| `interval` | Specifies the time in nanoseconds between checks. | Integer | Proxy's default configuration, which is `10` for Envoy | -| `max_failures` | Specifies the number of consecutive failures that cause a host to be removed from the upstream cluster. | Integer | Proxy's default configuration, which is `5` for Envoy | -| `enforcing_consecutive_5xx` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | Integer | Proxy's default configuration, which is `100` for Envoy | + | `Interval` | Specifies the time between checks. | string | `0s` | + | `MaxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | integer | `0` | + | `EnforcingConsecutive5xx` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | integer | `100` | + | `MaxEjectionPercent` | Specifies the maximum percentage of an upstream cluster that Consul ejects when the proxy reports an outlier. Consul ejects at least one host when an outlier is detected regardless of the value. | integer | `10` | + | `BaseEjectionTime` | Specifies the minimum amount of time that an ejected host must remain outside the cluster before rejoining. The real time is equal to the value of the `BaseEjectionTime` multiplied by the number of times the host has been ejected. | string | `30s` | ### `spec.listeners[]` @@ -1399,9 +1424,11 @@ The following table describes the configurations for passive health checks: | Parameter | Description | Data type | Default | | --- | --- | --- | --- | -| `interval` | Specifies the time in nanoseconds between checks. | Integer | Proxy's default configuration, which is `10` for Envoy | -| `max_failures` | Specifies the number of consecutive failures that cause a host to be removed from the upstream cluster. | Integer | Proxy's default configuration, which is `5` for Envoy | -| `enforcing_consecutive_5xx` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | Integer | Proxy's default configuration, which is `100` for Envoy | + | `Interval` | Specifies the time between checks. | string | `0s` | + | `MaxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | integer | `0` | + | `EnforcingConsecutive5xx` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | integer | `100` | + | `MaxEjectionPercent` | Specifies the maximum percentage of an upstream cluster that Consul ejects when the proxy reports an outlier. Consul ejects at least one host when an outlier is detected regardless of the value. | integer | `10` | + | `BaseEjectionTime` | Specifies the minimum amount of time that an ejected host must remain outside the cluster before rejoining. The real time is equal to the value of the `BaseEjectionTime` multiplied by the number of times the host has been ejected. | string | `30s` | ### `spec.listeners[].tls` diff --git a/website/content/docs/connect/config-entries/service-defaults.mdx b/website/content/docs/connect/config-entries/service-defaults.mdx index bfce7cbd4d3a9..0498a2e4e8fc2 100644 --- a/website/content/docs/connect/config-entries/service-defaults.mdx +++ b/website/content/docs/connect/config-entries/service-defaults.mdx @@ -20,69 +20,69 @@ The following list outlines field hierarchy, language-specific data types, requi - [`Name`](#name): string | required - [`Namespace`](#namespace): string | `default` - [`Partition`](#partition): string | `default` -- [`Meta`](#meta): map +- [`Meta`](#meta): map - [`Protocol`](#protocol): string | `tcp` -- [`BalanceInboundConnections`](#balanceinboundconnections): string -- [`Mode`](#mode): string -- [`UpstreamConfig`](#upstreamconfig): map - - [`Overrides`](#upstreamconfig-overrides): map - - [`Name`](#upstreamconfig-overrides-name): string - - [`Namespace`](#upstreamconfig-overrides-namespace): string - - [`Peer`](#upstreamconfig-overrides-peer): string - - [`Protocol`](#upstreamconfig-overrides-protocol): string +- [`BalanceInboundConnections`](#balanceinboundconnections): string +- [`Mode`](#mode): string +- [`UpstreamConfig`](#upstreamconfig): map + - [`Overrides`](#upstreamconfig-overrides): map + - [`Name`](#upstreamconfig-overrides-name): string + - [`Namespace`](#upstreamconfig-overrides-namespace): string + - [`Peer`](#upstreamconfig-overrides-peer): string + - [`Protocol`](#upstreamconfig-overrides-protocol): string - [`ConnectTimeoutMs`](#upstreamconfig-overrides-connecttimeoutms): int | `5000` - - [`MeshGateway`](#upstreamconfig-overrides-meshgateway): map - - [`mode`](#upstreamconfig-overrides-meshgateway): string - - [`BalanceOutboundConnections`](#upstreamconfig-overrides-balanceoutboundconnections): string - - [`Limits`](#upstreamconfig-overrides-limits): map + - [`MeshGateway`](#upstreamconfig-overrides-meshgateway): map + - [`mode`](#upstreamconfig-overrides-meshgateway): string + - [`BalanceOutboundConnections`](#upstreamconfig-overrides-balanceoutboundconnections): string + - [`Limits`](#upstreamconfig-overrides-limits): map - [`MaxConnections`](#upstreamconfig-overrides-limits): number | `0` - [`MaxPendingRequests`](#upstreamconfig-overrides-limits): number | `0` - [`MaxConcurrentRequests`](#upstreamconfig-overrides-limits): number | `0` - - [`PassiveHealthCheck`](#upstreamconfig-overrides-passivehealthcheck): map + - [`PassiveHealthCheck`](#upstreamconfig-overrides-passivehealthcheck): map - [`Interval`](#upstreamconfig-overrides-passivehealthcheck): string | `0s` - - [`MaxFailures`](#upstreamconfig-overrides-passivehealthcheck): number | `0` - - [`EnforcingConsecutive5xx`](#upstreamconfig-overrides-passivehealthcheck): number | `0` - - [`MaxEjectionPercent`](#upstreamconfig-overrides-passivehealthcheck): number | `0` + - [`MaxFailures`](#upstreamconfig-overrides-passivehealthcheck): integer | `0` + - [`EnforcingConsecutive5xx`](#upstreamconfig-overrides-passivehealthcheck): integer | `0` + - [`MaxEjectionPercent`](#upstreamconfig-overrides-passivehealthcheck): integer | `0` - [`BaseEjectionTime`](#upstreamconfig-overrides-passivehealthcheck): string | `30s` - - [`Defaults`](#upstreamconfig-defaults): map - - [`Protocol`](#upstreamconfig-defaults-protocol): string - - [`ConnectTimeoutMs`](#upstreamconfig-defaults-connecttimeoutms): int | `5000` - - [`MeshGateway`](#upstreamconfig-defaults-meshgateway): map - - [`mode`](#upstreamconfig-defaults-meshgateway): string - - [`BalanceOutboundConnections`](#upstreamconfig-defaults-balanceoutboundconnections): string - - [`Limits`](#upstreamconfig-defaults-limits): map - - [`MaxConnections`](#upstreamconfig-defaults-limits): number | `0` - - [`MaxPendingRequests`](#upstreamconfig-defaults-limits): number | `0` - - [`MaxConcurrentRequests`](#upstreamconfig-defaults-limits): number | `0` - - [`PassiveHealthCheck`](#upstreamconfig-defaults-passivehealthcheck): map + - [`Defaults`](#upstreamconfig-defaults): map | no default + - [`Protocol`](#upstreamconfig-defaults-protocol): string | no default + - [`ConnectTimeoutMs`](#upstreamconfig-defaults-connecttimeoutms): int | default: `5000` + - [`MeshGateway`](#upstreamconfig-defaults-meshgateway): map | no default + - [`mode`](#upstreamconfig-defaults-meshgateway): string | no default + - [`BalanceOutboundConnections`](#upstreamconfig-defaults-balanceoutboundconnections): string | no default + - [`Limits`](#upstreamconfig-defaults-limits): map | optional + - [`MaxConnections`](#upstreamconfig-defaults-limits): integer | `0` + - [`MaxPendingRequests`](#upstreamconfig-defaults-limits): integer | `0` + - [`MaxConcurrentRequests`](#upstreamconfig-defaults-limits): integer | `0` + - [`PassiveHealthCheck`](#upstreamconfig-defaults-passivehealthcheck): map | optional - [`Interval`](#upstreamconfig-defaults-passivehealthcheck): string | `0s` - - [`MaxFailures`](#upstreamconfig-defaults-passivehealthcheck): number | `0` - - [`EnforcingConsecutive5xx`](#upstreamconfig-defaults-passivehealthcheck): number | `100` - - [`MaxEjectionPercent`](#upstreamconfig-defaults-passivehealthcheck): number | `0` + - [`MaxFailures`](#upstreamconfig-defaults-passivehealthcheck): integer | `0` + - [`EnforcingConsecutive5xx`](#upstreamconfig-defaults-passivehealthcheck): integer | `100` + - [`MaxEjectionPercent`](#upstreamconfig-defaults-passivehealthcheck): integer | `0` - [`BaseEjectionTime`](#upstreamconfig-defaults-passivehealthcheck): string | `30s` -- [`TransparentProxy`](#transparentproxy): map - - [`OutboundListenerPort`](#transparentproxy): number | `15001` +- [`TransparentProxy`](#transparentproxy): map | no default + - [`OutboundListenerPort`](#transparentproxy): integer | `15001` - [`DialedDirectly`](#transparentproxy ): boolean | `false` -- [`MutualTLSMode`](#mutualtlsmode): string -- [`EnvoyExtensions`](#envoyextensions): list - - [`Name`](#envoyextensions): string - - [`Required`](#envoyextensions): string - - [`Arguments`](#envoyextensions): map +- [`MutualTLSMode`](#mutualtlsmode): string +- [`EnvoyExtensions`](#envoyextensions): list + - [`Name`](#envoyextensions): string + - [`Required`](#envoyextensions): string + - [`Arguments`](#envoyextensions): map - [`ConsulVersion`](#envoyextensions): string - [`EnvoyVersion`](#envoyextensions): string -- [`Destination`](#destination): map - - [`Addresses`](#destination): list +- [`Destination`](#destination): map + - [`Addresses`](#destination): list - [`Port`](#destination): integer | `0` - [`MaxInboundConnections`](#maxinboundconnections): number | `0` - [`LocalConnectTimeoutMs`](#localconnecttimeoutms): number | `0` - [`LocalRequestTimeoutMs`](#localrequesttimeoutms): number | `0` -- [`MeshGateway`](#meshgateway): map - - [`Mode`](#meshgateway): string -- [`ExternalSNI`](#externalsni): string -- [`Expose`](#expose): map +- [`MeshGateway`](#meshgateway): map + - [`Mode`](#meshgateway): string +- [`ExternalSNI`](#externalsni): string +- [`Expose`](#expose): map - [`Checks`](#expose-checks): boolean | `false` - - [`Paths`](#expose-paths): list - - [`Path`](#expose-paths): string + - [`Paths`](#expose-paths): list + - [`Path`](#expose-paths): string - [`LocalPathPort`](#expose-paths): integer | `0` - [`ListenerPort`](#expose-paths): integer | `0` - [`Protocol`](#expose-paths): string | `http` @@ -91,73 +91,73 @@ The following list outlines field hierarchy, language-specific data types, requi - [`apiVersion`](#apiversion): string | required | must be set to `consul.hashicorp.com/v1alpha1` -- [`kind`](#kind): string -- [`metadata`](#metadata): map - - [`name`](#name): string +- [`kind`](#kind): string +- [`metadata`](#metadata): map + - [`name`](#name): string - [`namespace`](#namespace): string | `default`` | -- [`spec`](#spec): map +- [`spec`](#spec): map - [`protocol`](#protocol): string | `tcp` - - [`balanceInboundConnections`](#balanceinboundconnections): string - - [`mode`](#mode): string - - [`upstreamConfig`](#upstreamconfig): map - - [`overrides`](#upstreamconfig-overrides): list - - [`name`](#upstreamconfig-overrides-name): string - - [`namespace`](#upstreamconfig-overrides-namespace): string - - [`peer`](#upstreamconfig-overrides-peer): string - - [`protocol`](#upstreamconfig-overrides-protocol): string + - [`balanceInboundConnections`](#balanceinboundconnections): string + - [`mode`](#mode): string + - [`upstreamConfig`](#upstreamconfig): map + - [`overrides`](#upstreamconfig-overrides): list + - [`name`](#upstreamconfig-overrides-name): string + - [`namespace`](#upstreamconfig-overrides-namespace): string + - [`peer`](#upstreamconfig-overrides-peer): string + - [`protocol`](#upstreamconfig-overrides-protocol): string - [`connectTimeoutMs`](#upstreamconfig-overrides-connecttimeoutms): number | `5000` - - [`meshGateway`](#upstreamconfig-overrides-meshgateway): map - - [`mode`](#upstreamconfig-overrides-meshgateway): string - - [`balanceOutboundConnections`](#overrides-balanceoutboundconnections): string - - [`limits`](#upstreamconfig-overrides-limits): map + - [`meshGateway`](#upstreamconfig-overrides-meshgateway): map + - [`mode`](#upstreamconfig-overrides-meshgateway): string + - [`balanceOutboundConnections`](#overrides-balanceoutboundconnections): string + - [`limits`](#upstreamconfig-overrides-limits): map - [`maxConnections`](#upstreamconfig-overrides-limits): number | `0` - [`maxPendingRequests`](#upstreamconfig-overrides-limits): number | `0` - [`maxConcurrentRequests`](#upstreamconfig-overrides-limits): number | `0` - - [`passiveHealthCheck`](#upstreamconfig-overrides-passivehealthcheck): map + - [`passiveHealthCheck`](#upstreamconfig-overrides-passivehealthcheck): map - [`interval`](#upstreamconfig-overrides-passivehealthcheck): string | `0s` - - [`maxFailures`](#upstreamconfig-overrides-passivehealthcheck): number | `0` - - [`enforcingConsecutive5xx`](#upstreamconfig-overrides-passivehealthcheck): number | `100` - - [`maxEjectionPercent`](#upstreamconfig-overrides-passivehealthcheck): number | `10` + - [`maxFailures`](#upstreamconfig-overrides-passivehealthcheck): integer | `0` + - [`enforcingConsecutive5xx`](#upstreamconfig-overrides-passivehealthcheck): integer | `100` + - [`maxEjectionPercent`](#upstreamconfig-overrides-passivehealthcheck): integer | `10` - [`baseEjectionTime`](#upstreamconfig-overrides-passivehealthcheck): string | `30s` - - [`defaults`](#upstreamconfig-defaults): map - - [`protocol`](#upstreamconfig-defaults-protocol): string - - [`connectTimeoutMs`](#upstreamconfig-defaults-connecttimeoutms): number | `5000` - - [`meshGateway`](#upstreamconfig-defaults-meshgateway): map - - [`mode`](#upstreamconfig-defaults-meshgateway): string - - [`balanceOutboundConnections`](#upstreamconfig-defaults-balanceoutboundconnections): string - - [`limits`](#upstreamconfig-defaults-limits): map - - [`maxConnections`](#upstreamconfig-defaults-limits): number | `0` - - [`maxPendingRequests`](#upstreamconfig-defaults-limits): number | `0` - - [`maxConcurrentRequests`](#upstreamconfig-defaults-limits): number | `0` - - [`passiveHealthCheck`](#upstreamconfig-defaults-passivehealthcheck): map + - [`defaults`](#upstreamconfig-defaults): map | no default + - [`protocol`](#upstreamconfig-defaults-protocol): string | no default + - [`connectTimeoutMs`](#upstreamconfig-defaults-connecttimeoutms): int | default: `5000` + - [`meshGateway`](#upstreamconfig-defaults-meshgateway): map | no default + - [`mode`](#upstreamconfig-defaults-meshgateway): string | no default + - [`balanceOutboundConnections`](#upstreamconfig-defaults-balanceoutboundconnections): string | no default + - [`limits`](#upstreamconfig-defaults-limits): map | optional + - [`maxConnections`](#upstreamconfig-defaults-limits): integer | `0` + - [`maxPendingRequests`](#upstreamconfig-defaults-limits): integer | `0` + - [`maxConcurrentRequests`](#upstreamconfig-defaults-limits): integer | `0` + - [`passiveHealthCheck`](#upstreamconfig-defaults-passivehealthcheck): map | optional - [`interval`](#upstreamconfig-defaults-passivehealthcheck): string | `0s` - - [`maxFailures`](#upstreamconfig-defaults-passivehealthcheck): number | `0` - - [`enforcingConsecutive5xx`](#upstreamconfig-defaults-passivehealthcheck): number | `100` - - [`maxEjectionPercent`](#upstreamconfig-defaults-passivehealthcheck): number | `10` + - [`maxFailures`](#upstreamconfig-defaults-passivehealthcheck): integer | `0` + - [`enforcingConsecutive5xx`](#upstreamconfig-defaults-passivehealthcheck): integer | `100` + - [`maxEjectionPercent`](#upstreamconfig-defaults-passivehealthcheck): integer | `10` - [`baseEjectionTime`](#upstreamconfig-defaults-passivehealthcheck): string | `30s` - - [`transparentProxy`](#transparentproxy): map - - [`outboundListenerPort`](#transparentproxy): number | `15001` + - [`transparentProxy`](#transparentproxy): map | no default + - [`outboundListenerPort`](#transparentproxy): integer | `15001` - [`dialedDirectly`](#transparentproxy): boolean | `false` - - [`mutualTLSMode`](#mutualtlsmode): string - - [`envoyExtensions`](#envoyextensions): list - - [`name`](#envoyextensions): string - - [`required`](#envoyextensions): string - - [`arguments`](#envoyextensions): map - - [`consulVersion`](#envoyextensions): string - - [`envoyVersion`](#envoyextensions): string - - [`destination`](#destination): map - - [`addresses`](#destination): list + - [`mutualTLSMode`](#mutualtlsmode): string + - [`envoyExtensions`](#envoyextensions): list + - [`name`](#envoyextensions): string + - [`required`](#envoyextensions): string + - [`arguments`](#envoyextensions): map + - [`consulVersion`](#envoyextensions): string + - [`envoyVersion`](#envoyextensions): string + - [`destination`](#destination): map + - [`addresses`](#destination): list - [`port`](#destination): number | `0` - [`maxInboundConnections`](#maxinboundconnections): number | `0` - [`localConnectTimeoutMs`](#localconnecttimeoutms): number | `0` - [`localRequestTimeoutMs`](#localrequesttimeoutms): number | `0` - - [`meshGateway`](#meshgateway): map - - [`mode`](#meshgateway): string - - [`externalSNI`](#externalsni): string - - [`expose`](#expose): map + - [`meshGateway`](#meshgateway): map + - [`mode`](#meshgateway): string + - [`externalSNI`](#externalsni): string + - [`expose`](#expose): map - [`checks`](#expose-checks): boolean | `false` - - [`paths`](#expose-paths): list - - [`path`](#expose-paths): string + - [`paths`](#expose-paths): list + - [`path`](#expose-paths): string - [`localPathPort`](#expose-paths): number | `0` - [`listenerPort`](#expose-paths): number | `0` - [`protocol`](#expose-paths): string | `http` @@ -200,9 +200,9 @@ UpstreamConfig = { MaxConcurrentRequests = 0 } PassiveHealthCheck = { - Interval = "0s" - MaxFailures = 0 - EnforcingConsecutive5xx = 100 + Interval = "5s" + MaxFailures = 5 + EnforcingConsecutive5xx = 99 MaxEjectionPercent = 10 BaseEjectionTime = "30s" } @@ -220,9 +220,9 @@ UpstreamConfig = { MaxConcurrentRequests = 0 } PassiveHealthCheck = { - Interval = "0s" - MaxFailures = 0 - EnforcingConsecutive5xx = 100 + Interval = "1s" + MaxFailures = 1 + EnforcingConsecutive5xx = 89 MaxEjectionPercent = 10 BaseEjectionTime = "30s" } @@ -297,9 +297,11 @@ spec: maxPendingRequests: 0 maxConcurrentRequests: 0 passiveHealthCheck: - interval: "0s" + interval: "10s" maxFailures: 0 enforcingConsecutive5xx: 100 + maxEjectionPercent: 10 + baseEjectionTime: "30s" defaults: protocol: connectTimeoutMs: 5000 @@ -311,20 +313,22 @@ spec: maxPendingRequests: 0 maxConcurrentRequests: 0 passiveHealthCheck: - interval: 0s + interval: "0s" maxFailures: 0 enforcingConsecutive5xx: 100 + maxEjectionPercent: 10 + baseEjectionTime: "30s" transparentProxy: outboundListenerPort: 15001 dialedDirectly: false mutualTLSMode: strict - envoyExtensions: + envoyExtensions: - name: required: false - arguments: + arguments: - consulVersion: - envoyVersion: + envoyVersion: destination: addresses: - @@ -375,12 +379,13 @@ spec: "MaxPendingRequests": 0, "MaxConcurrentRequests": 0 }, - "PassiveHealthCheck": { - "Interval": "0s", - "MaxFailures": 0, - "EnforcingConsecutive5xx": 100, - "MaxEjectionPercent": 10, - "BaseEjectionTime": "30s" + "passiveHealthCheck": { + "interval": "0s", + "maxFailures": 0, + "enforcingConsecutive5xx": 100, + "maxEjectionPercent": 10, + "baseEjectionTime": "30s", + }, } }] }, @@ -396,12 +401,12 @@ spec: "MaxPendingRequests": 0, "MaxConcurrentRequests": 0 }, - "PassiveHealthCheck": { - "Interval": "0s", - "MaxFailures": 0, - "EnforcingConsecutive5xx": 100, - "MaxEjectionPercent": 10, - "BaseEjectionTime": "30s" + "passiveHealthCheck": { + "interval": "0s", + "maxFailures": 0, + "enforcingConsecutive5xx": 100, + "maxEjectionPercent": 10, + "baseEjectionTime": "30s", } }, "TransparentProxy": { @@ -663,11 +668,11 @@ The following table describes passive health check parameters you can configure: | Limit | Description | Data type | Default | | --- | --- | --- | --- | -| `Interval` | Specifies the time between checks. | String | `0s` | -| `MaxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | Integer | `0` | -| `EnforcingConsecutive5xx` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | Integer | `100` | - | `MaxEjectionPercent` | Specifies the maximum percentage of an upstream cluster that Consul ejects when the proxy reports an outlier. Consul ejects at least one host when an outlier is detected regardless of the value. | Integer | `10` | - | `BaseEjectionTime` | Specifies the minimum amount of time that an ejected host must remain outside the cluster before rejoining. The real time is equal to the value of the `BaseEjectionTime` multiplied by the number of times the host has been ejected. | String | `30s` | +| `Interval` | Specifies the time between checks. | string | `0s` | +| `MaxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | integer | `0` | +| `EnforcingConsecutive5xx` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | integer | `100` | + | `MaxEjectionPercent` | Specifies the maximum percentage of an upstream cluster that Consul ejects when the proxy reports an outlier. Consul ejects at least one host when an outlier is detected regardless of the value. | integer | `10` | + | `BaseEjectionTime` | Specifies the minimum amount of time that an ejected host must remain outside the cluster before rejoining. The real time is equal to the value of the `BaseEjectionTime` multiplied by the number of times the host has been ejected. | string | `30s` | ### `UpstreamConfig.Defaults` @@ -729,11 +734,11 @@ Map that specifies a set of rules that enable Consul to remove hosts from the up | Limit | Description | Data type | Default | | --- | --- | --- | --- | -| `Interval` | Specifies the time between checks. | String | `0s` | -| `MaxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | Integer | `0` | -| `EnforcingConsecutive5xx ` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | Integer | `100` | - | `MaxEjectionPercent` | Specifies the maximum percentage of an upstream cluster that Consul ejects when the proxy reports an outlier. Consul ejects at least one host when an outlier is detected regardless of the value. | Integer | `10` | - | `BaseEjectionTime` | Specifies the minimum amount of time that an ejected host must remain outside the cluster before rejoining. The real time is equal to the value of the `BaseEjectionTime` multiplied by the number of times the host has been ejected. | String | `30s` | +| `Interval` | Specifies the time between checks. | string | `0s` | +| `MaxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | integer | `0` | +| `EnforcingConsecutive5xx ` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | integer | `100` | + | `MaxEjectionPercent` | Specifies the maximum percentage of an upstream cluster that Consul ejects when the proxy reports an outlier. Consul ejects at least one host when an outlier is detected regardless of the value. | integer | `10` | + | `BaseEjectionTime` | Specifies the minimum amount of time that an ejected host must remain outside the cluster before rejoining. The real time is equal to the value of the `BaseEjectionTime` multiplied by the number of times the host has been ejected. | string | `30s` | ### `TransparentProxy` @@ -1061,11 +1066,11 @@ The following table describes passive health check parameters you can configure: | Limit | Description | Data type | Default | | --- | --- | --- | --- | -| `interval` | Specifies the time between checks. | String | `0s` | -| `maxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | Integer | `0` | -| `enforcingConsecutive5xx ` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | Integer | `100` | - | `maxEjectionPercent` | The maximum % of an upstream cluster that can be ejected due to outlier detection. Defaults to 10% but will eject at least one host regardless of the value. | Integer | `10` | - | `baseEjectionTime` | The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected and is capped by max_ejection_time (Default 300s). Defaults to 30000ms or 30s. | String | `30s` | +| `interval` | Specifies the time between checks. | string | `0s` | +| `maxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | integer | `0` | +| `enforcingConsecutive5xx ` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | integer | `100` | + | `maxEjectionPercent` | The maximum % of an upstream cluster that can be ejected due to outlier detection. Defaults to 10% but will eject at least one host regardless of the value. | integer | `10` | + | `baseEjectionTime` | The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected and is capped by max_ejection_time (Default 300s). Defaults to 30000ms or 30s. | string | `30s` | ### `spec.upstreamConfig.defaults` @@ -1140,11 +1145,11 @@ The following table describes the health check parameters you can configure: | Limit | Description | Data type | Default | | --- | --- | --- | --- | -| `interval` | Specifies the time between checks. | String | `0s` | -| `maxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | Integer | `0` | -| `enforcingConsecutive5xx ` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | Integer | `100` | - | `MaxEjectionPercent` | Specifies the maximum percentage of an upstream cluster that Consul ejects when the proxy reports an outlier. Consul ejects at least one host when an outlier is detected regardless of the value. | Integer | `10` | - | `BaseEjectionTime` | Specifies the minimum amount of time that an ejected host must remain outside the cluster before rejoining. The real time is equal to the value of the `BaseEjectionTime` multiplied by the number of times the host has been ejected. | String | `30s` | +| `interval` | Specifies the time between checks. | string | `0s` | +| `maxFailures` | Specifies the number of consecutive failures allowed per check interval. If exceeded, Consul removes the host from the load balancer. | integer | `0` | +| `enforcingConsecutive5xx ` | Specifies a percentage that indicates how many times out of 100 that Consul ejects the host when it detects an outlier status. The outlier status is determined by consecutive errors in the 500-599 response range. | integer | `100` | + | `MaxEjectionPercent` | Specifies the maximum percentage of an upstream cluster that Consul ejects when the proxy reports an outlier. Consul ejects at least one host when an outlier is detected regardless of the value. | integer | `10` | + | `BaseEjectionTime` | Specifies the minimum amount of time that an ejected host must remain outside the cluster before rejoining. The real time is equal to the value of the `BaseEjectionTime` multiplied by the number of times the host has been ejected. | string | `30s` | ### `spec.transparentProxy` @@ -2171,4 +2176,4 @@ Reading a `service-defaults` config entry requires `service:read` on the resourc Creating, updating, or deleting a `service-defaults` config entry requires `service:write` on the resource. ---> \ No newline at end of file +-->