From 6a0a8bfad30fe469c73800c47c59e1fa906d6395 Mon Sep 17 00:00:00 2001 From: "kumahq[bot]" <110050114+kumahq[bot]@users.noreply.github.com> Date: Mon, 28 Aug 2023 14:35:09 +0200 Subject: [PATCH] chore(deps): update docs from repo source (#1445) * chore(deps): update docs from repo source Signed-off-by: kumahq[bot] <110050114+kumahq[bot]@users.noreply.github.com> * chore(2.4.x): add sidebar Signed-off-by: Charly Molter :9000/8080/health/readiness where 9000 is virtualProbesPort + virtualProbesEnabled: true # ENV: KUMA_RUNTIME_KUBERNETES_VIRTUAL_PROBES_ENABLED + # VirtualProbesPort is a port for exposing virtual probes which are not secured by mTLS + virtualProbesPort: 9000 # ENV: KUMA_RUNTIME_KUBERNETES_VIRTUAL_PROBES_PORT + # CaCertFile is CA certificate which will be used to verify a connection to the control plane. + caCertFile: # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_CA_CERT_FILE + # SidecarContainer defines configuration of the Kuma sidecar container. + sidecarContainer: + # Image name. + image: kuma/kuma-dp:latest # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_IMAGE + # Redirect port for inbound traffic. + redirectPortInbound: 15006 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_REDIRECT_PORT_INBOUND + # Redirect port for inbound traffic. + redirectPortInboundV6: 15010 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_REDIRECT_PORT_INBOUND_V6 + # Redirect port for outbound traffic. + redirectPortOutbound: 15001 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_REDIRECT_PORT_OUTBOUND + # User ID. + uid: 5678 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_UID + # Group ID. + gid: 5678 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_GUI + # Drain time for listeners. + drainTime: 30s # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_DRAIN_TIME + # Readiness probe. + readinessProbe: + # Number of seconds after the container has started before readiness probes are initiated. + initialDelaySeconds: 1 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_READINESS_PROBE_INITIAL_DELAY_SECONDS + # Number of seconds after which the probe times out. + timeoutSeconds: 3 # ENV : KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_READINESS_PROBE_TIMEOUT_SECONDS + # Number of seconds after which the probe times out. + periodSeconds: 5 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_READINESS_PROBE_PERIOD_SECONDS + # Minimum consecutive successes for the probe to be considered successful after having failed. + successThreshold: 1 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_READINESS_PROBE_SUCCESS_THRESHOLD + # Minimum consecutive failures for the probe to be considered failed after having succeeded. + failureThreshold: 12 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_READINESS_PROBE_FAILURE_THRESHOLD + # Liveness probe. + livenessProbe: + # Number of seconds after the container has started before liveness probes are initiated. + initialDelaySeconds: 60 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_LIVENESS_PROBE_INITIAL_DELAY_SECONDS + # Number of seconds after which the probe times out. + timeoutSeconds: 3 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_LIVENESS_PROBE_TIMEOUT_SECONDS + # How often (in seconds) to perform the probe. + periodSeconds: 5 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_LIVENESS_PROBE_PERIOD_SECONDS + # Minimum consecutive failures for the probe to be considered failed after having succeeded. + failureThreshold: 12 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_LIVENESS_PROBE_FAILURE_THRESHOLD + # Compute resource requirements. + resources: + # Minimum amount of compute resources required. + requests: + # CPU, in cores. (500m = .5 cores) + cpu: 50m # ENV: KUMA_INJECTOR_SIDECAR_CONTAINER_RESOURCES_REQUESTS_CPU + # Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) + memory: 64Mi # ENV: KUMA_INJECTOR_SIDECAR_CONTAINER_RESOURCES_REQUESTS_MEMORY + # Maximum amount of compute resources allowed. + limits: + # CPU, in cores. (500m = .5 cores) + cpu: 1000m # ENV: KUMA_INJECTOR_SIDECAR_CONTAINER_RESOURCES_LIMITS_CPU + # Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024) + memory: 512Mi # ENV: KUMA_INJECTOR_SIDECAR_CONTAINER_RESOURCES_LIMITS_MEMORY + # Additional environment variables that can be placed on Kuma DP sidecar + envVars: {} # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_ENV_VARS + # InitContainer defines configuration of the Kuma init container + initContainer: + # Image name. + image: kuma/kuma-init:latest # ENV: KUMA_INJECTOR_INIT_CONTAINER_IMAGE + # ContainerPatches is an optional list of ContainerPatch names which will be applied + # to init and sidecar containers if workload is not annotated with a patch list. + containerPatches: [ ] # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_CONTAINER_PATCHES + # Configuration for a traffic that is intercepted by sidecar + sidecarTraffic: + # List of inbound ports that will be excluded from interception. + # This setting is applied on every pod unless traffic.kuma.io/exclude-inbound-ports annotation is specified on Pod. + excludeInboundPorts: [ ] # ENV: KUMA_RUNTIME_KUBERNETES_SIDECAR_TRAFFIC_EXCLUDE_INBOUND_PORTS + # List of outbound ports that will be excluded from interception. + # This setting is applied on every pod unless traffic.kuma.io/exclude-oubound-ports annotation is specified on Pod. + excludeOutboundPorts: [ ] # ENV: KUMA_RUNTIME_KUBERNETES_SIDECAR_TRAFFIC_EXCLUDE_OUTBOUND_PORTS + builtinDNS: + # Use the built-in DNS + enabled: true # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_BUILTIN_DNS_ENABLED + # Redirect port for DNS + port: 15053 # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_BUILTIN_DNS_PORT + transparentProxyV1: false # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_TRANSPARENT_PROXY_V1 + # EBPF defines configuration for the ebpf, when transparent proxy is marked to be + # installed using ebpf instead of iptables + ebpf: + # Install transparent proxy using ebpf + enabled: false # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_EBPF_ENABLED + # Name of the environmental variable which will include IP address of the pod + instanceIPEnvVarName: INSTANCE_IP # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_EBPF_INSTANCE_IP_ENV_VAR_NAME + # Path where BPF file system will be mounted for pinning ebpf programs and maps + bpffsPath: /sys/fs/bpf # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_EBPF_BPFFS_PATH + # Path of mounted cgroup2 + cgroupPath: /sys/fs/cgroup # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_EBPF_CGROUP_PATH + # Name of the network interface which should be used to attach to it TC programs + # when not specified, we will try to automatically determine it + tcAttachIface: "" # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_EBPF_TC_ATTACH_IFACE + # Path where compiled eBPF programs are placed + programsSourcePath: /kuma/ebpf # ENV: KUMA_RUNTIME_KUBERNETES_INJECTOR_EBPF_PROGRAMS_SOURCE_PATH + marshalingCacheExpirationTime: 5m # ENV: KUMA_RUNTIME_KUBERNETES_MARSHALING_CACHE_EXPIRATION_TIME + # Kubernetes's resources reconciliation concurrency configuration + controllersConcurrency: + # PodController defines maximum concurrent reconciliations of Pod resources + # Default value 10. If set to 0 kube controller-runtime default value of 1 will be used. + podController: 10 # ENV: KUMA_RUNTIME_KUBERNETES_CONTROLLERS_CONCURRENCY_POD_CONTROLLER + # Kubernetes client configuration + clientConfig: + # Qps defines maximum requests kubernetes client is allowed to make per second. + # Default value 100. If set to 0 kube-client default value of 5 will be used. + qps: 100 # ENV: KUMA_RUNTIME_KUBERNETES_CLIENT_CONFIG_QPS + # BurstQps defines maximum burst requests kubernetes client is allowed to make per second + # Default value 100. If set to 0 kube-client default value of 10 will be used. + burstQps: 100 # ENV: KUMA_RUNTIME_KUBERNETES_CLIENT_CONFIG_BURST_QPS + leaderElection: + # LeaseDuration is the duration that non-leader candidates will + # wait to force acquire leadership. This is measured against time of + # last observed ack. Default is 15 seconds. + leaseDuration: 15s # ENV: KUMA_RUNTIME_KUBERNETES_LEADER_ELECTION_LEASE_DURATION + # RenewDeadline is the duration that the acting controlplane will retry + # refreshing leadership before giving up. Default is 10 seconds. + renewDeadline: 10s # ENV: KUMA_RUNTIME_KUBERNETES_LEADER_ELECTION_RENEW_DEADLINE + # Universal-specific configuration + universal: + # DataplaneCleanupAge defines how long Dataplane should be offline to be cleaned up by GC + dataplaneCleanupAge: 72h0m0s # ENV: KUMA_RUNTIME_UNIVERSAL_DATAPLANE_CLEANUP_AGE + +# Default Kuma entities configuration +defaults: + # If true, it skips creating the default Mesh + skipMeshCreation: false # ENV: KUMA_DEFAULTS_SKIP_MESH_CREATION + # If true, it skips creating the default tenant resources + skipTenantResources: false # ENV: KUMA_DEFAULTS_SKIP_TENANT_RESOURCES + +# Metrics configuration +metrics: + dataplane: + # How many latest subscriptions will be stored in DataplaneInsight object, if equals 0 then unlimited + subscriptionLimit: 2 # ENV: KUMA_METRICS_DATAPLANE_SUBSCRIPTION_LIMIT + # How long data plane proxy can stay Online without active xDS connection + idleTimeout: 5m # ENV: KUMA_METRICS_DATAPLANE_IDLE_TIMEOUT + zone: + # How many latest subscriptions will be stored in ZoneInsights object, if equals 0 then unlimited + subscriptionLimit: 10 # ENV: KUMA_METRICS_ZONE_SUBSCRIPTION_LIMIT + # How long zone can stay Online without active KDS connection + idleTimeout: 5m # ENV: KUMA_METRICS_ZONE_IDLE_TIMEOUT + mesh: + # Minimum time between 2 refresh of insights + minResyncInterval: 1s # ENV: KUMA_METRICS_MESH_MIN_RESYNC_INTERVAL + # time between triggering a full refresh of all the insights + fullResyncInterval: 20s # ENV: KUMA_METRICS_MESH_FULL_RESYNC_INTERVAL + # the size of the buffer between event creation and processing + bufferSize: 1000 # ENV: KUMA_METRICS_MESH_BUFFER_SIZE + controlPlane: + # If true metrics show number of resources in the system should be reported + reportResourcesCount: true # ENV: KUMA_METRICS_CONTROL_PLANE_REPORT_RESOURCES_COUNT + +# Reports configuration +reports: + # If true then usage stats will be reported + enabled: false # ENV: KUMA_REPORTS_ENABLED + +# General configuration +general: + # dnsCacheTTL represents duration for how long Kuma CP will cache result of resolving dataplane's domain name + dnsCacheTTL: 10s # ENV: KUMA_GENERAL_DNS_CACHE_TTL + # TlsCertFile defines a path to a file with PEM-encoded TLS cert that will be used across all the Kuma Servers. + tlsCertFile: # ENV: KUMA_GENERAL_TLS_CERT_FILE + # TlsKeyFile defines a path to a file with PEM-encoded TLS key that will be used across all the Kuma Servers. + tlsKeyFile: # ENV: KUMA_GENERAL_TLS_KEY_FILE + # TlsMinVersion the minimum version of TLS used across all the Kuma Servers. + tlsMinVersion: "TLSv1_2" # ENV: KUMA_GENERAL_TLS_MIN_VERSION + # TlsMaxVersion the maximum version of TLS used across all the Kuma Servers. + tlsMaxVersion: # ENV: KUMA_GENERAL_TLS_MAX_VERSION + # TlsCipherSuites the list of cipher suites to be used across all the Kuma Servers. + tlsCipherSuites: [] # ENV: KUMA_GENERAL_TLS_CIPHER_SUITES + # WorkDir defines a path to the working directory + # Kuma stores in this directory autogenerated entities like certificates. + # If empty then the working directory is $HOME/.kuma + workDir: "" # ENV: KUMA_GENERAL_WORK_DIR + +# DNS Server configuration +dnsServer: + # The domain that the server will resolve the services for + domain: "mesh" # ENV: KUMA_DNS_SERVER_DOMAIN + # The CIDR range used to allocate + CIDR: "240.0.0.0/4" # ENV: KUMA_DNS_SERVER_CIDR + # Will create a service ".mesh" dns entry for every service. + serviceVipEnabled: true # ENV: KUMA_DNS_SERVER_SERVICE_VIP_ENABLED + # The port to use along with the `.mesh` dns entry + serviceVipPort: 80 # ENV: KUMA_DNS_SERVICE_SERVICE_VIP_PORT + +# Multizone mode +multizone: + global: + kds: + # Port of a gRPC server that serves Kuma Discovery Service (KDS). + grpcPort: 5685 # ENV: KUMA_MULTIZONE_GLOBAL_KDS_GRPC_PORT + # Interval for refreshing state of the world + refreshInterval: 1s # ENV: KUMA_MULTIZONE_GLOBAL_KDS_REFRESH_INTERVAL + # Interval for flushing Zone Insights (stats of multi-zone communication) + zoneInsightFlushInterval: 10s # ENV: KUMA_MULTIZONE_GLOBAL_KDS_ZONE_INSIGHT_FLUSH_INTERVAL + # TlsEnabled turns on TLS for KDS + tlsEnabled: true # ENV: KUMA_MULTIZONE_GLOBAL_KDS_TLS_ENABLED + # TlsCertFile defines a path to a file with PEM-encoded TLS cert. + tlsCertFile: # ENV: KUMA_MULTIZONE_GLOBAL_KDS_TLS_CERT_FILE + # TlsKeyFile defines a path to a file with PEM-encoded TLS key. + tlsKeyFile: # ENV: KUMA_MULTIZONE_GLOBAL_KDS_TLS_KEY_FILE + # TlsMinVersion the minimum version of TLS + tlsMinVersion: "TLSv1_2" # ENV: KUMA_MULTIZONE_GLOBAL_KDS_TLS_MIN_VERSION + # TlsMaxVersion the maximum version of TLS + tlsMaxVersion: # ENV: KUMA_MULTIZONE_GLOBAL_KDS_TLS_MAX_VERSION + # TlsCipherSuites the list of cipher suites + tlsCipherSuites: [] # ENV: KUMA_MULTIZONE_GLOBAL_KDS_TLS_CIPHER_SUITES + # MaxMsgSize defines a maximum size of the message in bytes that is exchanged using KDS. + # In practice this means a limit on full list of one resource type. + maxMsgSize: 10485760 # ENV: KUMA_MULTIZONE_GLOBAL_KDS_MAX_MSG_SIZE + # MsgSendTimeout defines a timeout on sending a single KDS message. + # KDS stream between control planes is terminated if the control plane hits this timeout. + msgSendTimeout: 60s # ENV: KUMA_MULTIZONE_GLOBAL_KDS_MSG_SEND_TIMEOUT + # Backoff that is executed when the global control plane is sending the response that was previously rejected by zone control plane + nackBackoff: 5s # ENV: KUMA_MULTIZONE_GLOBAL_KDS_NACK_BACKOFF + zone: + # Kuma Zone name used to mark the zone dataplane resources + name: "" # ENV: KUMA_MULTIZONE_ZONE_NAME + # GlobalAddress URL of Global Kuma CP + globalAddress: # ENV KUMA_MULTIZONE_ZONE_GLOBAL_ADDRESS + kds: + # Interval for refreshing state of the world + refreshInterval: 1s # ENV: KUMA_MULTIZONE_ZONE_KDS_REFRESH_INTERVAL + # RootCAFile defines a path to a file with PEM-encoded Root CA. Client will verify server by using it. + rootCaFile: # ENV: KUMA_MULTIZONE_ZONE_KDS_ROOT_CA_FILE + # If true, TLS connection to the server won't be verified. + tlsSkipVerify: false # ENV: KUMA_MULTIZONE_ZONE_KDS_TLS_SKIP_VERIFY + # MaxMsgSize defines a maximum size of the message in bytes that is exchanged using KDS. + # In practice this means a limit on full list of one resource type. + maxMsgSize: 10485760 # ENV: KUMA_MULTIZONE_ZONE_KDS_MAX_MSG_SIZE + # MsgSendTimeout defines a timeout on sending a single KDS message. + # KDS stream between control planes is terminated if the control plane hits this timeout. + msgSendTimeout: 60s # ENV: KUMA_MULTIZONE_ZONE_KDS_MSG_SEND_TIMEOUT + # Backoff that is executed when the zone control plane is sending the response that was previously rejected by global control plane + nackBackoff: 5s # ENV: KUMA_MULTIZONE_ZONE_KDS_NACK_BACKOFF + +# Diagnostics configuration +diagnostics: + # Port of Diagnostic Server for checking health and readiness of the Control Plane + serverPort: 5680 # ENV: KUMA_DIAGNOSTICS_SERVER_PORT + # If true, enables https://golang.org/pkg/net/http/pprof/ debug endpoints + debugEndpoints: false # ENV: KUMA_DIAGNOSTICS_DEBUG_ENDPOINTS + # Whether tls is enabled or not + tlsEnabled: false # ENV: KUMA_DIAGNOSTICS_TLS_ENABLED + # TlsCertFile defines a path to a file with PEM-encoded TLS cert. If empty, autoconfigured from general.tlsCertFile + tlsCertFile: # ENV: KUMA_DIAGNOSTICS_TLS_CERT_FILE + # TlsKeyFile defines a path to a file with PEM-encoded TLS key. If empty, autoconfigured from general.tlsKeyFile + tlsKeyFile: # ENV: KUMA_DIAGNOSTICS_TLS_KEY_FILE + # TlsMinVersion the minimum version of TLS + tlsMinVersion: "TLSv1_2" # ENV: KUMA_DIAGNOSTICS_TLS_MIN_VERSION + # TlsMaxVersion the maximum version of TLS + tlsMaxVersion: # ENV: KUMA_DIAGNOSTICS_TLS_MAX_VERSION + # TlsCipherSuites the list of cipher suites + tlsCipherSuites: [] # ENV: KUMA_DIAGNOSTICS_TLS_CIPHER_SUITES + +# Dataplane Server configuration that servers API like Bootstrap/XDS for the Dataplane. +dpServer: + # Port of the DP Server + port: 5678 # ENV: KUMA_DP_SERVER_PORT + # TlsCertFile defines a path to a file with PEM-encoded TLS cert. If empty, autoconfigured from general.tlsCertFile + tlsCertFile: # ENV: KUMA_DP_SERVER_TLS_CERT_FILE + # TlsKeyFile defines a path to a file with PEM-encoded TLS key. If empty, autoconfigured from general.tlsKeyFile + tlsKeyFile: # ENV: KUMA_DP_SERVER_TLS_KEY_FILE + # TlsMinVersion the minimum version of TLS + tlsMinVersion: "TLSv1_2" # ENV: KUMA_DP_SERVER_TLS_MIN_VERSION + # TlsMaxVersion the maximum version of TLS + tlsMaxVersion: # ENV: KUMA_DP_SERVER_TLS_MAX_VERSION + # TlsCipherSuites the list of cipher suites + tlsCipherSuites: [] # ENV: KUMA_DP_SERVER_TLS_CIPHER_SUITES + # ReadHeaderTimeout defines the amount of time DP server will be allowed + # to read request headers. The connection's read deadline is reset + # after reading the headers and the Handler can decide what is considered + # too slow for the body. If ReadHeaderTimeout is zero there is no timeout. + # The timeout is configurable as in rare cases, when Kuma CP was restarting, + # 1s which is explicitly set in other servers was insufficient and DPs + # were failing to reconnect (we observed this in Projected Service Account + # Tokens e2e tests, which started flaking a lot after introducing explicit + # 1s timeout) + readHeaderTimeout: 5s # ENV: KUMA_DP_SERVER_READ_HEADER_TIMEOUT + # Auth defines an authentication configuration for the DP Server + # DEPRECATED: use "authn" section. + auth: + # Type of authentication. Available values: "serviceAccountToken", "dpToken", "none". + # If empty, autoconfigured based on the environment - "serviceAccountToken" on Kubernetes, "dpToken" on Universal. + type: "" # ENV: KUMA_DP_SERVER_AUTH_TYPE + # Authn defines an authentication configuration for the DP Server + authn: + # Configuration for data plane proxy authentication. + dpProxy: + # Type of authentication. Available values: "serviceAccountToken", "dpToken", "none". + # If empty, autoconfigured based on the environment - "serviceAccountToken" on Kubernetes, "dpToken" on Universal. + type: "" + # Configuration of dpToken authentication method + dpToken: + # If true the control plane token issuer is enabled. It's recommended to set it to false when all the tokens are issued offline. + enableIssuer: true + # DP Token validator configuration. + validator: + # If true then Kuma secrets with prefix "dataplane-token-signing-key-{mesh}" are considered as signing keys. + useSecrets: true + # List of public keys used to validate the token. Example: + # - kid: 1 + # mesh: default + # key: | + # -----BEGIN RSA PUBLIC KEY----- + # MIIBCgKCAQEAq.... + # -----END RSA PUBLIC KEY----- + # - kid: 2 + # mesh: demo + # keyFile: /keys/public.pem + publicKeys: [] + # Configuration for zone proxy authentication. + zoneProxy: + # Type of authentication. Available values: "serviceAccountToken", "zoneToken", "none". + # If empty, autoconfigured based on the environment - "serviceAccountToken" on Kubernetes, "zoneToken" on Universal. + type: "" + # Configuration for zoneToken authentication method. + zoneToken: + # If true the control plane token issuer is enabled. It's recommended to set it to false when all the tokens are issued offline. + enableIssuer: true + # Zone Token validator configuration. + validator: + # If true then Kuma secrets with prefix "zone-token-signing-key" are considered as signing keys. + useSecrets: true + # List of public keys used to validate the token. Example: + # - kid: 1 + # key: | + # -----BEGIN RSA PUBLIC KEY----- + # MIIBCgKCAQEAq.... + # -----END RSA PUBLIC KEY----- + # - kid: 2 + # keyFile: /keys/public.pem + publicKeys: [] + # If true then Envoy uses Google gRPC instead of Envoy gRPC which lets a proxy reload the auth data (service account token, dp token etc.) stored in the file without proxy restart. + enableReloadableTokens: false # ENV: KUMA_DP_SERVER_AUTHN_ENABLE_RELOADABLE_TOKENS + # Hds defines a Health Discovery Service configuration + hds: + # Enabled if true then Envoy will actively check application's ports, but only on Universal. + # On Kubernetes this feature disabled for now regardless the flag value + enabled: true # ENV: KUMA_DP_SERVER_HDS_ENABLED + # Interval for Envoy to send statuses for HealthChecks + interval: 5s # ENV: KUMA_DP_SERVER_HDS_INTERVAL + # RefreshInterval is an interval for re-genarting configuration for Dataplanes connected to the Control Plane + refreshInterval: 10s # ENV: KUMA_DP_SERVER_HDS_REFRESH_INTERVAL + # Check defines a HealthCheck configuration + checkDefaults: + # Timeout is a time to wait for a health check response. If the timeout is reached the + # health check attempt will be considered a failure + timeout: 2s # ENV: KUMA_DP_SERVER_HDS_CHECK_TIMEOUT + # Interval between health checks + interval: 1s # ENV: KUMA_DP_SERVER_HDS_CHECK_INTERVAL + # NoTrafficInterval is a special health check interval that is used when a cluster has + # never had traffic routed to it + noTrafficInterval: 1s # ENV: KUMA_DP_SERVER_HDS_CHECK_NO_TRAFFIC_INTERVAL + # HealthyThreshold is a number of healthy health checks required before a host is marked healthy + healthyThreshold: 1 # ENV: KUMA_DP_SERVER_HDS_CHECK_HEALTHY_THRESHOLD + # UnhealthyThreshold is a number of unhealthy health checks required before a host is marked unhealthy + unhealthyThreshold: 1 # ENV: KUMA_DP_SERVER_HDS_CHECK_UNHEALTHY_THRESHOLD + +# Intercommunication CP configuration +interCp: + # Catalog configuration. Catalog keeps a record of all live CP instances in the zone. + catalog: + # Indicates an address on which other control planes can communicate with this CP. + # If empty then it's autoconfigured by taking the first IP of the nonloopback network interface. + instanceAddress: "" # ENV: KUMA_INTER_CP_CATALOG_INSTANCE_ADDRESS + # Interval on which CP will send heartbeat to a leader. + heartbeatInterval: 5s # ENV: KUMA_INTER_CP_CATALOG_HEARTBEAT_INTERVAL + # Interval on which CP will write all instances to a catalog. + writerInterval: 15s # ENV: KUMA_INTER_CP_CATALOG_WRITER_INTERVAL + # Intercommunication CP server configuration + server: + # Port of the inter-cp server + port: 5683 # ENV: KUMA_INTER_CP_SERVER_PORT + # TlsMinVersion the minimum version of TLS + tlsMinVersion: "TLSv1_2" # ENV: KUMA_INTER_CP_SERVER_TLS_MIN_VERSION + # TlsMaxVersion the maximum version of TLS + tlsMaxVersion: # ENV: KUMA_INTER_CP_SERVER_TLS_MAX_VERSION + # TlsCipherSuites the list of cipher suites + tlsCipherSuites: [ ] # ENV: KUMA_INTER_CP_SERVER_TLS_CIPHER_SUITES + +# Access Control configuration +access: + # Type of access strategy (available values: "static") + type: static + # Configuration of static access strategy + static: + # AdminResources defines an access to admin resources (Secret/GlobalSecret) + adminResources: + # List of users that are allowed to access admin resources + users: ["mesh-system:admin"] # ENV: KUMA_ACCESS_STATIC_ADMIN_RESOURCES_USERS + # List of groups that are allowed to access admin resources + groups: ["mesh-system:admin"] # ENV: KUMA_ACCESS_STATIC_ADMIN_RESOURCES_GROUPS + # GenerateDPToken defines an access to generating dataplane token + generateDpToken: + # List of users that are allowed to generate dataplane token + users: ["mesh-system:admin"] # ENV: KUMA_ACCESS_STATIC_GENERATE_DP_TOKEN_USERS + # List of groups that are allowed to generate dataplane token + groups: ["mesh-system:admin"] # ENV: KUMA_ACCESS_STATIC_GENERATE_DP_TOKEN_GROUPS + # GenerateUserToken defines an access to generating user token + generateUserToken: + # List of users that are allowed to generate user token + users: ["mesh-system:admin"] # ENV: KUMA_ACCESS_STATIC_GENERATE_USER_TOKEN_USERS + # List of groups that are allowed to generate user token + groups: ["mesh-system:admin"] # ENV: KUMA_ACCESS_STATIC_GENERATE_USER_TOKEN_GROUPS + # GenerateZoneToken defines an access to generating zone token + generateZoneToken: + # List of users that are allowed to generate zone token + users: ["mesh-system:admin"] # ENV: KUMA_ACCESS_STATIC_GENERATE_ZONE_TOKEN_USERS + # List of groups that are allowed to generate zone token + groups: ["mesh-system:admin"] # ENV: KUMA_ACCESS_STATIC_GENERATE_ZONE_TOKEN_GROUPS + viewConfigDump: + # List of users that are allowed to get envoy config dump + users: [ ] # ENV: KUMA_ACCESS_STATIC_GET_CONFIG_DUMP_USERS + # List of groups that are allowed to get envoy config dump + groups: ["mesh-system:unauthenticated","mesh-system:authenticated"] # ENV: KUMA_ACCESS_STATIC_GET_CONFIG_DUMP_GROUPS + viewStats: + # List of users that are allowed to get envoy stats + users: [ ] # ENV: KUMA_ACCESS_STATIC_VIEW_STATS_USERS + # List of groups that are allowed to get envoy stats + groups: ["mesh-system:unauthenticated","mesh-system:authenticated"] # ENV: KUMA_ACCESS_STATIC_VIEW_STATS_GROUPS + viewClusters: + # List of users that are allowed to get envoy clusters + users: [ ] # ENV: KUMA_ACCESS_STATIC_VIEW_CLUSTERS_USERS + # List of groups that are allowed to get envoy clusters + groups: ["mesh-system:unauthenticated","mesh-system:authenticated"] # ENV: KUMA_ACCESS_STATIC_VIEW_CLUSTERS_GROUPS + +# Configuration of experimental features of Kuma +experimental: + # If true, experimental Gateway API is enabled + gatewayAPI: false # ENV: KUMA_EXPERIMENTAL_GATEWAY_API + # If true, instead of embedding kubernetes outbounds into Dataplane object, they are persisted next to VIPs in ConfigMap + # This can improve performance, but it should be enabled only after all instances are migrated to version that supports this config + kubeOutboundsAsVIPs: true # ENV: KUMA_EXPERIMENTAL_KUBE_OUTBOUNDS_AS_VIPS + # Tag first virtual outbound model is compressed version of default Virtual Outbound model + # It is recommended to use tag first model for deployments with more than 2k services + # You can enable this flag on existing deployment. In order to downgrade cp with this flag enabled + # you need to first disable this flag and redeploy cp, after config is rewritten to default + # format you can downgrade your cp + useTagFirstVirtualOutboundModel: false # ENV: KUMA_EXPERIMENTAL_USE_TAG_FIRST_VIRTUAL_OUTBOUND_MODEL + # If true, KDS will sync using incremental xDS updates + kdsDeltaEnabled: false # ENV: KUMA_EXPERIMENTAL_KDS_DELTA_ENABLED + # List of prefixes that will be used to filter out tags by keys from ingress' available services section. + # This can trim the size of the ZoneIngress object significantly. + # The drawback is that you cannot use filtered out tags for traffic routing. + # If empty, no filter is applied. + ingressTagFilters: [] # ENV: KUMA_EXPERIMENTAL_INGRESS_TAG_FILTERS + +proxy: + gateway: + # Sets the envoy runtime value to limit maximum number of incoming + # connections to a builtin gateway data plane proxy + globalDownstreamMaxConnections: 50000 # ENV: KUMA_PROXY_GATEWAY_GLOBAL_DOWNSTREAM_MAX_CONNECTIONS + +tracing: + openTelemetry: + endpoint: "" # e.g. otel-collector:4317 diff --git a/app/docs/2.4.x/protos/CertificateAuthorityBackend.json b/app/docs/2.4.x/protos/CertificateAuthorityBackend.json new file mode 100644 index 000000000..275569b17 --- /dev/null +++ b/app/docs/2.4.x/protos/CertificateAuthorityBackend.json @@ -0,0 +1,98 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/CertificateAuthorityBackend", + "definitions": { + "CertificateAuthorityBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend" + }, + "type": { + "type": "string", + "description": "Type of the backend. Has to be one of the loaded plugins (Kuma ships with builtin and provided)" + }, + "dpCert": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CertificateAuthorityBackend.DpCert", + "additionalProperties": true, + "description": "Dataplane certificate settings" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + }, + "mode": { + "enum": [ + "STRICT", + 0, + "PERMISSIVE", + 1 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Mode" + }, + "rootChain": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CertificateAuthorityBackend.RootChain", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Certificate Authority Backend", + "description": "CertificateAuthorityBackend defines Certificate Authority backend" + }, + "kuma.mesh.v1alpha1.CertificateAuthorityBackend.DpCert": { + "properties": { + "rotation": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CertificateAuthorityBackend.DpCert.Rotation", + "additionalProperties": true, + "description": "Rotation settings" + }, + "requestTimeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "Timeout on request to CA for DP certificate generation and retrieval", + "format": "regex" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dp Cert", + "description": "DpCert defines settings for certificates generated for Dataplanes" + }, + "kuma.mesh.v1alpha1.CertificateAuthorityBackend.DpCert.Rotation": { + "properties": { + "expiration": { + "type": "string", + "description": "Time after which generated certificate for Dataplane will expire" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Rotation", + "description": "Rotation defines rotation settings for Dataplane certificate" + }, + "kuma.mesh.v1alpha1.CertificateAuthorityBackend.RootChain": { + "properties": { + "requestTimeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "Timeout on request for to CA for root certificate chain. If not specified, defaults to 10s.", + "format": "regex" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Root Chain", + "description": "RootChain defines settings related to CA root certificate chain." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/CircuitBreaker.json b/app/docs/2.4.x/protos/CircuitBreaker.json new file mode 100644 index 000000000..f5d016d2a --- /dev/null +++ b/app/docs/2.4.x/protos/CircuitBreaker.json @@ -0,0 +1,198 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/CircuitBreaker", + "definitions": { + "CircuitBreaker": { + "properties": { + "sources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match dataplanes that are sources of traffic." + }, + "destinations": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match services that are destinations of traffic." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CircuitBreaker.Conf", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Circuit Breaker", + "description": "CircuitBreaker defines circuit breaking policy for dataplane's outbound" + }, + "kuma.mesh.v1alpha1.CircuitBreaker.Conf": { + "properties": { + "interval": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "Time interval between ejection analysis sweeps", + "format": "regex" + }, + "baseEjectionTime": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected", + "format": "regex" + }, + "maxEjectionPercent": { + "additionalProperties": true, + "type": "integer", + "description": "The maximum percent of an upstream cluster that can be ejected due to outlier detection, has to be in [0 - 100] range" + }, + "splitExternalAndLocalErrors": { + "type": "boolean", + "description": "Enables Split Mode in which local and external errors are distinguished" + }, + "detectors": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CircuitBreaker.Conf.Detectors", + "additionalProperties": true + }, + "thresholds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CircuitBreaker.Conf.Thresholds", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf" + }, + "kuma.mesh.v1alpha1.CircuitBreaker.Conf.Detectors": { + "properties": { + "totalErrors": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CircuitBreaker.Conf.Detectors.Errors", + "additionalProperties": true, + "description": "Errors with status code 5xx and locally originated errors, in Split Mode - just errors with status code 5xx" + }, + "gatewayErrors": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CircuitBreaker.Conf.Detectors.Errors", + "additionalProperties": true, + "description": "Subset of 'total' related to gateway errors (502, 503 or 504 status code)" + }, + "localErrors": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CircuitBreaker.Conf.Detectors.Errors", + "additionalProperties": true, + "description": "Takes into account only in Split Mode, number of locally originated errors" + }, + "standardDeviation": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CircuitBreaker.Conf.Detectors.StandardDeviation", + "additionalProperties": true + }, + "failure": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CircuitBreaker.Conf.Detectors.Failure", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Detectors" + }, + "kuma.mesh.v1alpha1.CircuitBreaker.Conf.Detectors.Errors": { + "properties": { + "consecutive": { + "additionalProperties": true, + "type": "integer" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Errors", + "description": "Detector based on counting consecutive number of errors" + }, + "kuma.mesh.v1alpha1.CircuitBreaker.Conf.Detectors.Failure": { + "properties": { + "requestVolume": { + "additionalProperties": true, + "type": "integer", + "description": "Ignore hosts with less number of requests than 'requestVolume'" + }, + "minimumHosts": { + "additionalProperties": true, + "type": "integer", + "description": "Won't count success rate for cluster if number of hosts with required 'requestVolume' is less than 'minimumHosts'" + }, + "threshold": { + "additionalProperties": true, + "type": "integer", + "description": "Eject host if failure percentage of a given host is greater than or equal to this value, has to be in [0 - 100] range" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Failure", + "description": "Detection based on success rate, but threshold is set explicitly (unlike 'standardDeviation')" + }, + "kuma.mesh.v1alpha1.CircuitBreaker.Conf.Detectors.StandardDeviation": { + "properties": { + "requestVolume": { + "additionalProperties": true, + "type": "integer", + "description": "Ignore hosts with less number of requests than 'requestVolume'" + }, + "minimumHosts": { + "additionalProperties": true, + "type": "integer", + "description": "Won't count success rate for cluster if number of hosts with required 'requestVolume' is less than 'minimumHosts'" + }, + "factor": { + "additionalProperties": true, + "type": "number", + "description": "Resulting threshold = mean - (stdev * factor)" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Standard Deviation", + "description": "Detection based on success rate, aggregated from every host in the cluser" + }, + "kuma.mesh.v1alpha1.CircuitBreaker.Conf.Thresholds": { + "properties": { + "maxConnections": { + "additionalProperties": true, + "type": "integer", + "description": "The maximum number of connections that Envoy will make to the upstream cluster. If not specified, the default is 1024." + }, + "maxPendingRequests": { + "additionalProperties": true, + "type": "integer", + "description": "The maximum number of pending requests that Envoy will allow to the upstream cluster. If not specified, the default is 1024." + }, + "maxRetries": { + "additionalProperties": true, + "type": "integer", + "description": "The maximum number of parallel retries that Envoy will allow to the upstream cluster. If not specified, the default is 3." + }, + "maxRequests": { + "additionalProperties": true, + "type": "integer", + "description": "The maximum number of parallel requests that Envoy will make to the upstream cluster. If not specified, the default is 1024." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Thresholds" + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ClustersRequest.json b/app/docs/2.4.x/protos/ClustersRequest.json new file mode 100644 index 000000000..7c9612d2c --- /dev/null +++ b/app/docs/2.4.x/protos/ClustersRequest.json @@ -0,0 +1,30 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ClustersRequest", + "definitions": { + "ClustersRequest": { + "properties": { + "request_id": { + "type": "string", + "description": "RequestID is a UUID of a request so we can correlate requests with response on one stream." + }, + "resource_type": { + "type": "string", + "description": "Type of resource (Dataplane, ZoneIngress, ZoneEgress)" + }, + "resource_name": { + "type": "string", + "description": "Name of the resource on which we execute kuma-dp clusters request." + }, + "resource_mesh": { + "type": "string", + "description": "Mesh of the resource on which we execute kuma-dp clusters request. Should be empty for ZoneIngress, ZoneEgress." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Clusters Request", + "description": "ClustersRequest is a request for kuma-dp clusters that is executed on Zone CP." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ClustersResponse.json b/app/docs/2.4.x/protos/ClustersResponse.json new file mode 100644 index 000000000..2c6802f17 --- /dev/null +++ b/app/docs/2.4.x/protos/ClustersResponse.json @@ -0,0 +1,28 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ClustersResponse", + "definitions": { + "ClustersResponse": { + "properties": { + "request_id": { + "type": "string", + "description": "RequestID is a UUID that was set by the Global CP." + }, + "error": { + "type": "string", + "description": "Error that was captured by the Zone CP when executing kuma-dp clusters request." + }, + "clusters": { + "type": "string", + "description": "The clusters content that is a successful result of kuma-dp clusters execution.", + "format": "binary", + "binaryEncoding": "base64" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Clusters Response", + "description": "ClustersResponse is a response containing result of kuma-dp clusters execution on Zone CP." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/DatadogTracingBackendConfig.json b/app/docs/2.4.x/protos/DatadogTracingBackendConfig.json new file mode 100644 index 000000000..e6f53ec54 --- /dev/null +++ b/app/docs/2.4.x/protos/DatadogTracingBackendConfig.json @@ -0,0 +1,25 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/DatadogTracingBackendConfig", + "definitions": { + "DatadogTracingBackendConfig": { + "properties": { + "address": { + "type": "string", + "description": "Address of datadog collector." + }, + "port": { + "type": "integer", + "description": "Port of datadog collector" + }, + "splitService": { + "type": "boolean", + "description": "Determines if datadog service name should be split based on traffic direction and destination. For example, with `splitService: true` and a `backend` service that communicates with a couple of databases, you would get service names like `backend_INBOUND`, `backend_OUTBOUND_db1`, and `backend_OUTBOUND_db2` in Datadog. Default: false" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Datadog Tracing Backend Config" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Dataplane.json b/app/docs/2.4.x/protos/Dataplane.json new file mode 100644 index 000000000..a6888446a --- /dev/null +++ b/app/docs/2.4.x/protos/Dataplane.json @@ -0,0 +1,325 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Dataplane", + "definitions": { + "Dataplane": { + "properties": { + "networking": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking", + "additionalProperties": true, + "description": "Networking describes inbound and outbound interfaces of the data plane proxy." + }, + "metrics": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MetricsBackend", + "additionalProperties": true, + "description": "Configuration for metrics that should be collected and exposed by the data plane proxy. Settings defined here will override their respective defaults defined at a Mesh level." + }, + "probes": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Probes", + "additionalProperties": true, + "description": "Probes describe a list of endpoints that will be exposed without mTLS. This is useful to expose the health endpoints of the application so the orchestration system (e.g. Kubernetes) can still health check the application. See https://kuma.io/docs/latest/policies/service-health-probes/#virtual-probes for more information." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dataplane", + "description": "Dataplane defines a configuration of a side-car proxy." + }, + "kuma.mesh.v1alpha1.Dataplane.Networking": { + "properties": { + "address": { + "type": "string", + "description": "IP on which the data plane proxy is accessible to the control plane and other data plane proxies in the same network. This can also be a hostname, in which case the control plane will periodically resolve it." + }, + "advertisedAddress": { + "type": "string", + "description": "In some situations, a data plane proxy resides in a private network (e.g. Docker) and is not reachable via `address` to other data plane proxies. `advertisedAddress` is configured with a routable address for such data plane proxy so that other proxies in the mesh can connect to it over `advertisedAddress` and not via address. Envoy still binds to the `address`, not `advertisedAddress`." + }, + "gateway": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Gateway", + "additionalProperties": true, + "description": "Gateway describes a configuration of the gateway of the data plane proxy." + }, + "inbound": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Inbound" + }, + "type": "array", + "description": "Inbound describes a list of inbound interfaces of the data plane proxy. Inbound describes a service implemented by the data plane proxy. All incoming traffic to a data plane proxy is going through inbound listeners. For every defined Inbound there is a corresponding Envoy Listener." + }, + "outbound": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Outbound" + }, + "type": "array", + "description": "Outbound describes a list of services consumed by the data plane proxy. For every defined Outbound, there is a corresponding Envoy Listener." + }, + "transparent_proxying": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.TransparentProxying", + "additionalProperties": true, + "description": "TransparentProxying describes the configuration for transparent proxying. It is used by default on Kubernetes." + }, + "admin": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyAdmin", + "additionalProperties": true, + "description": "Admin describes configuration related to Envoy Admin API. Due to security, all the Envoy Admin endpoints are exposed only on localhost. Additionally, Envoy will expose `/ready` endpoint on `networking.address` for health checking systems to be able to check the state of Envoy. The rest of the endpoints exposed on `networking.address` are always protected by mTLS and only meant to be consumed internally by the control plane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Networking", + "description": "Networking describes inbound and outbound interfaces of a data plane proxy." + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Gateway": { + "properties": { + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags associated with a gateway of this data plane to, e.g. `kuma.io/service=gateway`, `env=prod`. `kuma.io/service` tag is mandatory." + }, + "type": { + "enum": [ + "DELEGATED", + 0, + "BUILTIN", + 1 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Gateway Type" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Gateway", + "description": "Gateway describes a service that ingress should not be proxied." + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Inbound": { + "properties": { + "port": { + "type": "integer", + "description": "Port of the inbound interface that will forward requests to the service. When transparent proxying is used, it is a port on which the service is listening to. When transparent proxying is not used, Envoy will bind to this port." + }, + "servicePort": { + "type": "integer", + "description": "Port of the service that requests will be forwarded to. Defaults to the same value as `port`." + }, + "serviceAddress": { + "type": "string", + "description": "Address of the service that requests will be forwarded to. Defaults to 'inbound.address', since Kuma DP should be deployed next to the service." + }, + "address": { + "type": "string", + "description": "Address on which inbound listener will be exposed. Defaults to `networking.address`." + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags associated with an application this data plane proxy is deployed next to, e.g. `kuma.io/service=web`, `version=1.0`. You can then reference these tags in policies like MeshTrafficPermission. `kuma.io/service` tag is mandatory." + }, + "health": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.Health", + "additionalProperties": true, + "description": "Health describes the status of an inbound. If 'health' is nil we consider data plane proxy as healthy. Unhealthy data plane proxies are excluded from Endpoints Discovery Service (EDS). On Kubernetes, it is filled automatically by the control plane if Pod has readiness probe configured. On Universal, it can be set by the external health checking system, but the most common way is to use service probes. See https://kuma.io/docs/latest/documentation/health for more information." + }, + "serviceProbe": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.ServiceProbe", + "additionalProperties": true, + "description": "ServiceProbe defines parameters for probing the service next to sidecar. When service probe is defined, Envoy will periodically health check the application next to it and report the status to the control plane. On Kubernetes, Kuma deployments rely on Kubernetes probes so this is not used. See https://kuma.io/docs/latest/documentation/health for more information." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Inbound", + "description": "Inbound describes a service implemented by the data plane proxy. All incoming traffic to a data plane proxy are going through inbound listeners. For every defined Inbound there is a corresponding Envoy Listener." + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.Health": { + "properties": { + "ready": { + "type": "boolean", + "description": "Ready indicates if the data plane proxy is ready to serve the traffic." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Health", + "description": "Health describes the status of an inbound" + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.ServiceProbe": { + "properties": { + "interval": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "Interval between consecutive health checks.", + "format": "regex" + }, + "timeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "Maximum time to wait for a health check response.", + "format": "regex" + }, + "unhealthy_threshold": { + "additionalProperties": true, + "type": "integer", + "description": "Number of consecutive unhealthy checks before considering a host unhealthy." + }, + "healthy_threshold": { + "additionalProperties": true, + "type": "integer", + "description": "Number of consecutive healthy checks before considering a host healthy." + }, + "tcp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.ServiceProbe.Tcp", + "additionalProperties": true, + "description": "Tcp checker tries to establish tcp connection with destination" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Service Probe", + "description": "ServiceProbe defines parameters for probing service's port" + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.ServiceProbe.Tcp": { + "additionalProperties": true, + "type": "object", + "title": "Tcp" + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Outbound": { + "properties": { + "address": { + "type": "string", + "description": "IP on which the consumed service will be available to this data plane proxy. On Kubernetes, it's usually ClusterIP of a Service or PodIP of a Headless Service. Defaults to 127.0.0.1" + }, + "port": { + "type": "integer", + "description": "Port on which the consumed service will be available to this data plane proxy. When transparent proxying is not used, Envoy will bind to this port." + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags of consumed data plane proxies. `kuma.io/service` tag is required. These tags can then be referenced in `destinations` section of policies like TrafficRoute or in `to` section in policies like MeshAccessLog. It is recommended to only use `kuma.io/service`. If you need to consume specific data plane proxy of a service (for example: `version=v2`) the better practice is to use TrafficRoute." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Outbound", + "description": "Outbound describes a service consumed by the data plane proxy. For every defined Outbound there is a corresponding Envoy Listener." + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.TransparentProxying": { + "properties": { + "redirect_port_inbound": { + "type": "integer", + "description": "Port on which all inbound traffic is being transparently redirected." + }, + "redirect_port_outbound": { + "type": "integer", + "description": "Port on which all outbound traffic is being transparently redirected." + }, + "direct_access_services": { + "items": { + "type": "string" + }, + "type": "array", + "description": "List of services that will be accessed directly via IP:PORT Use `*` to indicate direct access to every service in the Mesh. Using `*` to directly access every service is a resource-intensive operation, use it only if needed." + }, + "redirect_port_inbound_v6": { + "type": "integer", + "description": "Port on which all IPv6 inbound traffic is being transparently redirected." + }, + "reachable_services": { + "items": { + "type": "string" + }, + "type": "array", + "description": "List of reachable services (represented by the value of `kuma.io/service`) via transparent proxying. Setting an explicit list can dramatically improve the performance of the mesh. If not specified, all services in the mesh are reachable." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Transparent Proxying", + "description": "TransparentProxying describes configuration for transparent proxying." + }, + "kuma.mesh.v1alpha1.Dataplane.Probes": { + "properties": { + "port": { + "type": "integer", + "description": "Port on which the probe endpoints will be exposed. This cannot overlap with any other ports." + }, + "endpoints": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Probes.Endpoint" + }, + "type": "array", + "description": "List of endpoints to expose without mTLS." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Probes" + }, + "kuma.mesh.v1alpha1.Dataplane.Probes.Endpoint": { + "properties": { + "inbound_port": { + "type": "integer", + "description": "Inbound port is a port of the application from which we expose the endpoint." + }, + "inbound_path": { + "type": "string", + "description": "Inbound path is a path of the application from which we expose the endpoint. It is recommended to be as specific as possible." + }, + "path": { + "type": "string", + "description": "Path is a path on which we expose inbound path on the probes port." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Endpoint" + }, + "kuma.mesh.v1alpha1.EnvoyAdmin": { + "properties": { + "port": { + "type": "integer", + "description": "Port on which Envoy Admin API server will be listening" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Admin" + }, + "kuma.mesh.v1alpha1.MetricsBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend, can be then used in Mesh.metrics.enabledBackend" + }, + "type": { + "type": "string", + "description": "Type of the backend (Kuma ships with 'prometheus')" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Metrics Backend", + "description": "MetricsBackend defines metric backends" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/DataplaneInsight.json b/app/docs/2.4.x/protos/DataplaneInsight.json new file mode 100644 index 000000000..1188b51e1 --- /dev/null +++ b/app/docs/2.4.x/protos/DataplaneInsight.json @@ -0,0 +1,232 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/DataplaneInsight", + "definitions": { + "DataplaneInsight": { + "properties": { + "subscriptions": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscription" + }, + "type": "array", + "description": "List of ADS subscriptions created by a given Dataplane." + }, + "mTLS": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DataplaneInsight.MTLS", + "additionalProperties": true, + "description": "Insights about mTLS for Dataplane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dataplane Insight", + "description": "DataplaneInsight defines the observed state of a Dataplane." + }, + "kuma.mesh.v1alpha1.DataplaneInsight.MTLS": { + "properties": { + "certificate_expiration_time": { + "type": "string", + "description": "Expiration time of the last certificate that was generated for a Dataplane.", + "format": "date-time" + }, + "last_certificate_regeneration": { + "type": "string", + "description": "Time on which the last certificate was generated.", + "format": "date-time" + }, + "certificate_regenerations": { + "type": "integer", + "description": "Number of certificate regenerations for a Dataplane." + }, + "issuedBackend": { + "type": "string", + "description": "Backend that was used to generate current certificate" + }, + "supportedBackends": { + "items": { + "type": "string" + }, + "type": "array", + "description": "Supported backends (CA)." + } + }, + "additionalProperties": true, + "type": "object", + "title": "MTLS", + "description": "MTLS defines insights for mTLS" + }, + "kuma.mesh.v1alpha1.DiscoveryServiceStats": { + "properties": { + "responses_sent": { + "type": "string", + "description": "Number of xDS responses sent to the Dataplane." + }, + "responses_acknowledged": { + "type": "string", + "description": "Number of xDS responses ACKed by the Dataplane." + }, + "responses_rejected": { + "type": "string", + "description": "Number of xDS responses NACKed by the Dataplane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Service Stats", + "description": "DiscoveryServiceStats defines all stats over a single xDS service." + }, + "kuma.mesh.v1alpha1.DiscoverySubscription": { + "properties": { + "id": { + "minLength": 1, + "type": "string", + "description": "Unique id per ADS subscription." + }, + "control_plane_instance_id": { + "minLength": 1, + "type": "string", + "description": "Control Plane instance that handled given subscription." + }, + "connect_time": { + "type": "string", + "description": "Time when a given Dataplane connected to the Control Plane.", + "format": "date-time" + }, + "disconnect_time": { + "type": "string", + "description": "Time when a given Dataplane disconnected from the Control Plane.", + "format": "date-time" + }, + "status": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscriptionStatus", + "additionalProperties": true, + "description": "Status of the ADS subscription." + }, + "version": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Version", + "additionalProperties": true, + "description": "Version of Envoy and Kuma dataplane" + }, + "generation": { + "type": "integer", + "description": "Generation is an integer number which is periodically increased by the status sink" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription", + "description": "DiscoverySubscription describes a single ADS subscription created by a Dataplane to the Control Plane. Ideally, there should be only one such subscription per Dataplane lifecycle. Presence of multiple subscriptions might indicate one of the following events: - transient loss of network connection between Dataplane and Control Plane - Dataplane restart (i.e. hot restart or crash) - Control Plane restart (i.e. rolling update or crash) - etc" + }, + "kuma.mesh.v1alpha1.DiscoverySubscriptionStatus": { + "properties": { + "last_update_time": { + "type": "string", + "description": "Time when status of a given ADS subscription was most recently updated.", + "format": "date-time" + }, + "total": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "Total defines an aggregate over individual xDS stats." + }, + "cds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "CDS defines all CDS stats." + }, + "eds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "EDS defines all EDS stats." + }, + "lds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "LDS defines all LDS stats." + }, + "rds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "RDS defines all RDS stats." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription Status", + "description": "DiscoverySubscriptionStatus defines status of an ADS subscription." + }, + "kuma.mesh.v1alpha1.EnvoyVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Envoy" + }, + "build": { + "type": "string", + "description": "Full build tag of Envoy version" + }, + "kumaDpCompatible": { + "type": "boolean", + "description": "True iff Envoy version is compatible with Kuma DP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Version", + "description": "EnvoyVersion describes details of Envoy version" + }, + "kuma.mesh.v1alpha1.KumaDpVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Kuma Dataplane" + }, + "gitTag": { + "type": "string", + "description": "Git tag of Kuma Dataplane version" + }, + "gitCommit": { + "type": "string", + "description": "Git commit of Kuma Dataplane version" + }, + "buildDate": { + "type": "string", + "description": "Build date of Kuma Dataplane version" + }, + "kumaCpCompatible": { + "type": "boolean", + "description": "True iff Kuma DP version is compatible with Kuma CP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Kuma Dp Version", + "description": "KumaDpVersion describes details of Kuma Dataplane version" + }, + "kuma.mesh.v1alpha1.Version": { + "properties": { + "kumaDp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.KumaDpVersion", + "additionalProperties": true, + "description": "Version of Kuma Dataplane" + }, + "envoy": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyVersion", + "additionalProperties": true, + "description": "Version of Envoy" + }, + "dependencies": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Versions of other dependencies, i.e. CoreDNS" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Version", + "description": "Version defines version of Kuma Dataplane and Envoy" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/DataplaneOverview.json b/app/docs/2.4.x/protos/DataplaneOverview.json new file mode 100644 index 000000000..04e4385b8 --- /dev/null +++ b/app/docs/2.4.x/protos/DataplaneOverview.json @@ -0,0 +1,567 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/DataplaneOverview", + "definitions": { + "DataplaneOverview": { + "properties": { + "dataplane": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane", + "additionalProperties": true + }, + "dataplane_insight": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DataplaneInsight", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dataplane Overview", + "description": "DataplaneOverview defines the projected state of a Dataplane." + }, + "kuma.mesh.v1alpha1.Dataplane": { + "properties": { + "networking": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking", + "additionalProperties": true, + "description": "Networking describes inbound and outbound interfaces of the data plane proxy." + }, + "metrics": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MetricsBackend", + "additionalProperties": true, + "description": "Configuration for metrics that should be collected and exposed by the data plane proxy. Settings defined here will override their respective defaults defined at a Mesh level." + }, + "probes": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Probes", + "additionalProperties": true, + "description": "Probes describe a list of endpoints that will be exposed without mTLS. This is useful to expose the health endpoints of the application so the orchestration system (e.g. Kubernetes) can still health check the application. See https://kuma.io/docs/latest/policies/service-health-probes/#virtual-probes for more information." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dataplane", + "description": "Dataplane defines a configuration of a side-car proxy." + }, + "kuma.mesh.v1alpha1.Dataplane.Networking": { + "properties": { + "address": { + "type": "string", + "description": "IP on which the data plane proxy is accessible to the control plane and other data plane proxies in the same network. This can also be a hostname, in which case the control plane will periodically resolve it." + }, + "advertisedAddress": { + "type": "string", + "description": "In some situations, a data plane proxy resides in a private network (e.g. Docker) and is not reachable via `address` to other data plane proxies. `advertisedAddress` is configured with a routable address for such data plane proxy so that other proxies in the mesh can connect to it over `advertisedAddress` and not via address. Envoy still binds to the `address`, not `advertisedAddress`." + }, + "gateway": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Gateway", + "additionalProperties": true, + "description": "Gateway describes a configuration of the gateway of the data plane proxy." + }, + "inbound": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Inbound" + }, + "type": "array", + "description": "Inbound describes a list of inbound interfaces of the data plane proxy. Inbound describes a service implemented by the data plane proxy. All incoming traffic to a data plane proxy is going through inbound listeners. For every defined Inbound there is a corresponding Envoy Listener." + }, + "outbound": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Outbound" + }, + "type": "array", + "description": "Outbound describes a list of services consumed by the data plane proxy. For every defined Outbound, there is a corresponding Envoy Listener." + }, + "transparent_proxying": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.TransparentProxying", + "additionalProperties": true, + "description": "TransparentProxying describes the configuration for transparent proxying. It is used by default on Kubernetes." + }, + "admin": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyAdmin", + "additionalProperties": true, + "description": "Admin describes configuration related to Envoy Admin API. Due to security, all the Envoy Admin endpoints are exposed only on localhost. Additionally, Envoy will expose `/ready` endpoint on `networking.address` for health checking systems to be able to check the state of Envoy. The rest of the endpoints exposed on `networking.address` are always protected by mTLS and only meant to be consumed internally by the control plane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Networking", + "description": "Networking describes inbound and outbound interfaces of a data plane proxy." + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Gateway": { + "properties": { + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags associated with a gateway of this data plane to, e.g. `kuma.io/service=gateway`, `env=prod`. `kuma.io/service` tag is mandatory." + }, + "type": { + "enum": [ + "DELEGATED", + 0, + "BUILTIN", + 1 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Gateway Type" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Gateway", + "description": "Gateway describes a service that ingress should not be proxied." + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Inbound": { + "properties": { + "port": { + "type": "integer", + "description": "Port of the inbound interface that will forward requests to the service. When transparent proxying is used, it is a port on which the service is listening to. When transparent proxying is not used, Envoy will bind to this port." + }, + "servicePort": { + "type": "integer", + "description": "Port of the service that requests will be forwarded to. Defaults to the same value as `port`." + }, + "serviceAddress": { + "type": "string", + "description": "Address of the service that requests will be forwarded to. Defaults to 'inbound.address', since Kuma DP should be deployed next to the service." + }, + "address": { + "type": "string", + "description": "Address on which inbound listener will be exposed. Defaults to `networking.address`." + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags associated with an application this data plane proxy is deployed next to, e.g. `kuma.io/service=web`, `version=1.0`. You can then reference these tags in policies like MeshTrafficPermission. `kuma.io/service` tag is mandatory." + }, + "health": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.Health", + "additionalProperties": true, + "description": "Health describes the status of an inbound. If 'health' is nil we consider data plane proxy as healthy. Unhealthy data plane proxies are excluded from Endpoints Discovery Service (EDS). On Kubernetes, it is filled automatically by the control plane if Pod has readiness probe configured. On Universal, it can be set by the external health checking system, but the most common way is to use service probes. See https://kuma.io/docs/latest/documentation/health for more information." + }, + "serviceProbe": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.ServiceProbe", + "additionalProperties": true, + "description": "ServiceProbe defines parameters for probing the service next to sidecar. When service probe is defined, Envoy will periodically health check the application next to it and report the status to the control plane. On Kubernetes, Kuma deployments rely on Kubernetes probes so this is not used. See https://kuma.io/docs/latest/documentation/health for more information." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Inbound", + "description": "Inbound describes a service implemented by the data plane proxy. All incoming traffic to a data plane proxy are going through inbound listeners. For every defined Inbound there is a corresponding Envoy Listener." + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.Health": { + "properties": { + "ready": { + "type": "boolean", + "description": "Ready indicates if the data plane proxy is ready to serve the traffic." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Health", + "description": "Health describes the status of an inbound" + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.ServiceProbe": { + "properties": { + "interval": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "Interval between consecutive health checks.", + "format": "regex" + }, + "timeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "Maximum time to wait for a health check response.", + "format": "regex" + }, + "unhealthy_threshold": { + "additionalProperties": true, + "type": "integer", + "description": "Number of consecutive unhealthy checks before considering a host unhealthy." + }, + "healthy_threshold": { + "additionalProperties": true, + "type": "integer", + "description": "Number of consecutive healthy checks before considering a host healthy." + }, + "tcp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.ServiceProbe.Tcp", + "additionalProperties": true, + "description": "Tcp checker tries to establish tcp connection with destination" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Service Probe", + "description": "ServiceProbe defines parameters for probing service's port" + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Inbound.ServiceProbe.Tcp": { + "additionalProperties": true, + "type": "object", + "title": "Tcp" + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.Outbound": { + "properties": { + "address": { + "type": "string", + "description": "IP on which the consumed service will be available to this data plane proxy. On Kubernetes, it's usually ClusterIP of a Service or PodIP of a Headless Service. Defaults to 127.0.0.1" + }, + "port": { + "type": "integer", + "description": "Port on which the consumed service will be available to this data plane proxy. When transparent proxying is not used, Envoy will bind to this port." + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags of consumed data plane proxies. `kuma.io/service` tag is required. These tags can then be referenced in `destinations` section of policies like TrafficRoute or in `to` section in policies like MeshAccessLog. It is recommended to only use `kuma.io/service`. If you need to consume specific data plane proxy of a service (for example: `version=v2`) the better practice is to use TrafficRoute." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Outbound", + "description": "Outbound describes a service consumed by the data plane proxy. For every defined Outbound there is a corresponding Envoy Listener." + }, + "kuma.mesh.v1alpha1.Dataplane.Networking.TransparentProxying": { + "properties": { + "redirect_port_inbound": { + "type": "integer", + "description": "Port on which all inbound traffic is being transparently redirected." + }, + "redirect_port_outbound": { + "type": "integer", + "description": "Port on which all outbound traffic is being transparently redirected." + }, + "direct_access_services": { + "items": { + "type": "string" + }, + "type": "array", + "description": "List of services that will be accessed directly via IP:PORT Use `*` to indicate direct access to every service in the Mesh. Using `*` to directly access every service is a resource-intensive operation, use it only if needed." + }, + "redirect_port_inbound_v6": { + "type": "integer", + "description": "Port on which all IPv6 inbound traffic is being transparently redirected." + }, + "reachable_services": { + "items": { + "type": "string" + }, + "type": "array", + "description": "List of reachable services (represented by the value of `kuma.io/service`) via transparent proxying. Setting an explicit list can dramatically improve the performance of the mesh. If not specified, all services in the mesh are reachable." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Transparent Proxying", + "description": "TransparentProxying describes configuration for transparent proxying." + }, + "kuma.mesh.v1alpha1.Dataplane.Probes": { + "properties": { + "port": { + "type": "integer", + "description": "Port on which the probe endpoints will be exposed. This cannot overlap with any other ports." + }, + "endpoints": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Dataplane.Probes.Endpoint" + }, + "type": "array", + "description": "List of endpoints to expose without mTLS." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Probes" + }, + "kuma.mesh.v1alpha1.Dataplane.Probes.Endpoint": { + "properties": { + "inbound_port": { + "type": "integer", + "description": "Inbound port is a port of the application from which we expose the endpoint." + }, + "inbound_path": { + "type": "string", + "description": "Inbound path is a path of the application from which we expose the endpoint. It is recommended to be as specific as possible." + }, + "path": { + "type": "string", + "description": "Path is a path on which we expose inbound path on the probes port." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Endpoint" + }, + "kuma.mesh.v1alpha1.DataplaneInsight": { + "properties": { + "subscriptions": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscription" + }, + "type": "array", + "description": "List of ADS subscriptions created by a given Dataplane." + }, + "mTLS": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DataplaneInsight.MTLS", + "additionalProperties": true, + "description": "Insights about mTLS for Dataplane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dataplane Insight", + "description": "DataplaneInsight defines the observed state of a Dataplane." + }, + "kuma.mesh.v1alpha1.DataplaneInsight.MTLS": { + "properties": { + "certificate_expiration_time": { + "type": "string", + "description": "Expiration time of the last certificate that was generated for a Dataplane.", + "format": "date-time" + }, + "last_certificate_regeneration": { + "type": "string", + "description": "Time on which the last certificate was generated.", + "format": "date-time" + }, + "certificate_regenerations": { + "type": "integer", + "description": "Number of certificate regenerations for a Dataplane." + }, + "issuedBackend": { + "type": "string", + "description": "Backend that was used to generate current certificate" + }, + "supportedBackends": { + "items": { + "type": "string" + }, + "type": "array", + "description": "Supported backends (CA)." + } + }, + "additionalProperties": true, + "type": "object", + "title": "MTLS", + "description": "MTLS defines insights for mTLS" + }, + "kuma.mesh.v1alpha1.DiscoveryServiceStats": { + "properties": { + "responses_sent": { + "type": "string", + "description": "Number of xDS responses sent to the Dataplane." + }, + "responses_acknowledged": { + "type": "string", + "description": "Number of xDS responses ACKed by the Dataplane." + }, + "responses_rejected": { + "type": "string", + "description": "Number of xDS responses NACKed by the Dataplane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Service Stats", + "description": "DiscoveryServiceStats defines all stats over a single xDS service." + }, + "kuma.mesh.v1alpha1.DiscoverySubscription": { + "properties": { + "id": { + "minLength": 1, + "type": "string", + "description": "Unique id per ADS subscription." + }, + "control_plane_instance_id": { + "minLength": 1, + "type": "string", + "description": "Control Plane instance that handled given subscription." + }, + "connect_time": { + "type": "string", + "description": "Time when a given Dataplane connected to the Control Plane.", + "format": "date-time" + }, + "disconnect_time": { + "type": "string", + "description": "Time when a given Dataplane disconnected from the Control Plane.", + "format": "date-time" + }, + "status": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscriptionStatus", + "additionalProperties": true, + "description": "Status of the ADS subscription." + }, + "version": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Version", + "additionalProperties": true, + "description": "Version of Envoy and Kuma dataplane" + }, + "generation": { + "type": "integer", + "description": "Generation is an integer number which is periodically increased by the status sink" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription", + "description": "DiscoverySubscription describes a single ADS subscription created by a Dataplane to the Control Plane. Ideally, there should be only one such subscription per Dataplane lifecycle. Presence of multiple subscriptions might indicate one of the following events: - transient loss of network connection between Dataplane and Control Plane - Dataplane restart (i.e. hot restart or crash) - Control Plane restart (i.e. rolling update or crash) - etc" + }, + "kuma.mesh.v1alpha1.DiscoverySubscriptionStatus": { + "properties": { + "last_update_time": { + "type": "string", + "description": "Time when status of a given ADS subscription was most recently updated.", + "format": "date-time" + }, + "total": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "Total defines an aggregate over individual xDS stats." + }, + "cds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "CDS defines all CDS stats." + }, + "eds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "EDS defines all EDS stats." + }, + "lds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "LDS defines all LDS stats." + }, + "rds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "RDS defines all RDS stats." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription Status", + "description": "DiscoverySubscriptionStatus defines status of an ADS subscription." + }, + "kuma.mesh.v1alpha1.EnvoyAdmin": { + "properties": { + "port": { + "type": "integer", + "description": "Port on which Envoy Admin API server will be listening" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Admin" + }, + "kuma.mesh.v1alpha1.EnvoyVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Envoy" + }, + "build": { + "type": "string", + "description": "Full build tag of Envoy version" + }, + "kumaDpCompatible": { + "type": "boolean", + "description": "True iff Envoy version is compatible with Kuma DP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Version", + "description": "EnvoyVersion describes details of Envoy version" + }, + "kuma.mesh.v1alpha1.KumaDpVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Kuma Dataplane" + }, + "gitTag": { + "type": "string", + "description": "Git tag of Kuma Dataplane version" + }, + "gitCommit": { + "type": "string", + "description": "Git commit of Kuma Dataplane version" + }, + "buildDate": { + "type": "string", + "description": "Build date of Kuma Dataplane version" + }, + "kumaCpCompatible": { + "type": "boolean", + "description": "True iff Kuma DP version is compatible with Kuma CP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Kuma Dp Version", + "description": "KumaDpVersion describes details of Kuma Dataplane version" + }, + "kuma.mesh.v1alpha1.MetricsBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend, can be then used in Mesh.metrics.enabledBackend" + }, + "type": { + "type": "string", + "description": "Type of the backend (Kuma ships with 'prometheus')" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Metrics Backend", + "description": "MetricsBackend defines metric backends" + }, + "kuma.mesh.v1alpha1.Version": { + "properties": { + "kumaDp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.KumaDpVersion", + "additionalProperties": true, + "description": "Version of Kuma Dataplane" + }, + "envoy": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyVersion", + "additionalProperties": true, + "description": "Version of Envoy" + }, + "dependencies": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Versions of other dependencies, i.e. CoreDNS" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Version", + "description": "Version defines version of Kuma Dataplane and Envoy" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/DiscoveryServiceStats.json b/app/docs/2.4.x/protos/DiscoveryServiceStats.json new file mode 100644 index 000000000..eadb3791c --- /dev/null +++ b/app/docs/2.4.x/protos/DiscoveryServiceStats.json @@ -0,0 +1,26 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/DiscoveryServiceStats", + "definitions": { + "DiscoveryServiceStats": { + "properties": { + "responses_sent": { + "type": "string", + "description": "Number of xDS responses sent to the Dataplane." + }, + "responses_acknowledged": { + "type": "string", + "description": "Number of xDS responses ACKed by the Dataplane." + }, + "responses_rejected": { + "type": "string", + "description": "Number of xDS responses NACKed by the Dataplane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Service Stats", + "description": "DiscoveryServiceStats defines all stats over a single xDS service." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/DiscoverySubscription.json b/app/docs/2.4.x/protos/DiscoverySubscription.json new file mode 100644 index 000000000..06db6c019 --- /dev/null +++ b/app/docs/2.4.x/protos/DiscoverySubscription.json @@ -0,0 +1,179 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/DiscoverySubscription", + "definitions": { + "DiscoverySubscription": { + "properties": { + "id": { + "minLength": 1, + "type": "string", + "description": "Unique id per ADS subscription." + }, + "control_plane_instance_id": { + "minLength": 1, + "type": "string", + "description": "Control Plane instance that handled given subscription." + }, + "connect_time": { + "type": "string", + "description": "Time when a given Dataplane connected to the Control Plane.", + "format": "date-time" + }, + "disconnect_time": { + "type": "string", + "description": "Time when a given Dataplane disconnected from the Control Plane.", + "format": "date-time" + }, + "status": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscriptionStatus", + "additionalProperties": true, + "description": "Status of the ADS subscription." + }, + "version": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Version", + "additionalProperties": true, + "description": "Version of Envoy and Kuma dataplane" + }, + "generation": { + "type": "integer", + "description": "Generation is an integer number which is periodically increased by the status sink" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription", + "description": "DiscoverySubscription describes a single ADS subscription created by a Dataplane to the Control Plane. Ideally, there should be only one such subscription per Dataplane lifecycle. Presence of multiple subscriptions might indicate one of the following events: - transient loss of network connection between Dataplane and Control Plane - Dataplane restart (i.e. hot restart or crash) - Control Plane restart (i.e. rolling update or crash) - etc" + }, + "kuma.mesh.v1alpha1.DiscoveryServiceStats": { + "properties": { + "responses_sent": { + "type": "string", + "description": "Number of xDS responses sent to the Dataplane." + }, + "responses_acknowledged": { + "type": "string", + "description": "Number of xDS responses ACKed by the Dataplane." + }, + "responses_rejected": { + "type": "string", + "description": "Number of xDS responses NACKed by the Dataplane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Service Stats", + "description": "DiscoveryServiceStats defines all stats over a single xDS service." + }, + "kuma.mesh.v1alpha1.DiscoverySubscriptionStatus": { + "properties": { + "last_update_time": { + "type": "string", + "description": "Time when status of a given ADS subscription was most recently updated.", + "format": "date-time" + }, + "total": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "Total defines an aggregate over individual xDS stats." + }, + "cds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "CDS defines all CDS stats." + }, + "eds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "EDS defines all EDS stats." + }, + "lds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "LDS defines all LDS stats." + }, + "rds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "RDS defines all RDS stats." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription Status", + "description": "DiscoverySubscriptionStatus defines status of an ADS subscription." + }, + "kuma.mesh.v1alpha1.EnvoyVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Envoy" + }, + "build": { + "type": "string", + "description": "Full build tag of Envoy version" + }, + "kumaDpCompatible": { + "type": "boolean", + "description": "True iff Envoy version is compatible with Kuma DP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Version", + "description": "EnvoyVersion describes details of Envoy version" + }, + "kuma.mesh.v1alpha1.KumaDpVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Kuma Dataplane" + }, + "gitTag": { + "type": "string", + "description": "Git tag of Kuma Dataplane version" + }, + "gitCommit": { + "type": "string", + "description": "Git commit of Kuma Dataplane version" + }, + "buildDate": { + "type": "string", + "description": "Build date of Kuma Dataplane version" + }, + "kumaCpCompatible": { + "type": "boolean", + "description": "True iff Kuma DP version is compatible with Kuma CP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Kuma Dp Version", + "description": "KumaDpVersion describes details of Kuma Dataplane version" + }, + "kuma.mesh.v1alpha1.Version": { + "properties": { + "kumaDp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.KumaDpVersion", + "additionalProperties": true, + "description": "Version of Kuma Dataplane" + }, + "envoy": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyVersion", + "additionalProperties": true, + "description": "Version of Envoy" + }, + "dependencies": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Versions of other dependencies, i.e. CoreDNS" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Version", + "description": "Version defines version of Kuma Dataplane and Envoy" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/DiscoverySubscriptionStatus.json b/app/docs/2.4.x/protos/DiscoverySubscriptionStatus.json new file mode 100644 index 000000000..2ac471c4a --- /dev/null +++ b/app/docs/2.4.x/protos/DiscoverySubscriptionStatus.json @@ -0,0 +1,64 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/DiscoverySubscriptionStatus", + "definitions": { + "DiscoverySubscriptionStatus": { + "properties": { + "last_update_time": { + "type": "string", + "description": "Time when status of a given ADS subscription was most recently updated.", + "format": "date-time" + }, + "total": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "Total defines an aggregate over individual xDS stats." + }, + "cds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "CDS defines all CDS stats." + }, + "eds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "EDS defines all EDS stats." + }, + "lds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "LDS defines all LDS stats." + }, + "rds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "RDS defines all RDS stats." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription Status", + "description": "DiscoverySubscriptionStatus defines status of an ADS subscription." + }, + "kuma.mesh.v1alpha1.DiscoveryServiceStats": { + "properties": { + "responses_sent": { + "type": "string", + "description": "Number of xDS responses sent to the Dataplane." + }, + "responses_acknowledged": { + "type": "string", + "description": "Number of xDS responses ACKed by the Dataplane." + }, + "responses_rejected": { + "type": "string", + "description": "Number of xDS responses NACKed by the Dataplane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Service Stats", + "description": "DiscoveryServiceStats defines all stats over a single xDS service." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/EnvoyAdmin.json b/app/docs/2.4.x/protos/EnvoyAdmin.json new file mode 100644 index 000000000..e26fdf4be --- /dev/null +++ b/app/docs/2.4.x/protos/EnvoyAdmin.json @@ -0,0 +1,17 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/EnvoyAdmin", + "definitions": { + "EnvoyAdmin": { + "properties": { + "port": { + "type": "integer", + "description": "Port on which Envoy Admin API server will be listening" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Admin" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/EnvoyVersion.json b/app/docs/2.4.x/protos/EnvoyVersion.json new file mode 100644 index 000000000..c14f40762 --- /dev/null +++ b/app/docs/2.4.x/protos/EnvoyVersion.json @@ -0,0 +1,26 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/EnvoyVersion", + "definitions": { + "EnvoyVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Envoy" + }, + "build": { + "type": "string", + "description": "Full build tag of Envoy version" + }, + "kumaDpCompatible": { + "type": "boolean", + "description": "True iff Envoy version is compatible with Kuma DP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Version", + "description": "EnvoyVersion describes details of Envoy version" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ExternalService.json b/app/docs/2.4.x/protos/ExternalService.json new file mode 100644 index 000000000..293d87f88 --- /dev/null +++ b/app/docs/2.4.x/protos/ExternalService.json @@ -0,0 +1,107 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ExternalService", + "definitions": { + "ExternalService": { + "properties": { + "networking": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ExternalService.Networking", + "additionalProperties": true + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags associated with the external service, e.g. kuma.io/service=web, kuma.io/protocol, version=1.0." + } + }, + "additionalProperties": true, + "type": "object", + "title": "External Service", + "description": "ExternalService defines configuration of the externally accessible service" + }, + "kuma.mesh.v1alpha1.ExternalService.Networking": { + "properties": { + "address": { + "type": "string", + "description": "Address of the external service" + }, + "tls": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ExternalService.Networking.TLS", + "additionalProperties": true + }, + "disableHostDNSEntry": { + "type": "boolean", + "description": "If disableHostDNSEntry is set to true then a DNS entry for the external service taken from 'networking.address' won't be generated. You can still reach this external service using external-service-name.mesh:80 where \"external-service-name\" is taken from \"kuma.io/service\" tag." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Networking", + "description": "Networking describes the properties of the external service connectivity" + }, + "kuma.mesh.v1alpha1.ExternalService.Networking.TLS": { + "properties": { + "enabled": { + "type": "boolean", + "description": "denotes that the external service uses TLS" + }, + "ca_cert": { + "$ref": "#/definitions/kuma.system.v1alpha1.DataSource", + "additionalProperties": true, + "description": "Data source for the certificate of CA" + }, + "client_cert": { + "$ref": "#/definitions/kuma.system.v1alpha1.DataSource", + "additionalProperties": true, + "description": "Data source for the authentication" + }, + "client_key": { + "$ref": "#/definitions/kuma.system.v1alpha1.DataSource", + "additionalProperties": true, + "description": "Data source for the authentication" + }, + "allowRenegotiation": { + "additionalProperties": true, + "type": "boolean", + "description": "If true then TLS session will allow renegotiation. It's not recommended to set this to true because of security reasons. However, some servers requires this setting, especially when using mTLS." + }, + "server_name": { + "additionalProperties": true, + "type": "string", + "description": "ServerName overrides the default Server Name Indicator set by Kuma. The default value is set to \"address\" specified in \"networking\"." + } + }, + "additionalProperties": true, + "type": "object", + "title": "TLS", + "description": "TLS" + }, + "kuma.system.v1alpha1.DataSource": { + "properties": { + "secret": { + "type": "string", + "description": "Data source is a secret with given Secret key." + }, + "file": { + "type": "string", + "description": "Data source is a path to a file. Deprecated, use other sources of a data." + }, + "inline": { + "additionalProperties": true, + "type": "string", + "description": "Data source is inline bytes." + }, + "inlineString": { + "type": "string", + "description": "Data source is inline string" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Data Source", + "description": "DataSource defines the source of bytes to use." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/FaultInjection.json b/app/docs/2.4.x/protos/FaultInjection.json new file mode 100644 index 000000000..702233c5a --- /dev/null +++ b/app/docs/2.4.x/protos/FaultInjection.json @@ -0,0 +1,126 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/FaultInjection", + "definitions": { + "FaultInjection": { + "properties": { + "sources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match dataplanes that are sources of traffic." + }, + "destinations": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match services that are destinations of traffic." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.FaultInjection.Conf", + "additionalProperties": true, + "description": "Configuration of FaultInjection" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Fault Injection", + "description": "FaultInjection defines the configuration of faults between dataplanes." + }, + "kuma.mesh.v1alpha1.FaultInjection.Conf": { + "properties": { + "delay": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.FaultInjection.Conf.Delay", + "additionalProperties": true, + "description": "Delay if specified then response from the destination will be delivered with a delay" + }, + "abort": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.FaultInjection.Conf.Abort", + "additionalProperties": true, + "description": "Abort if specified makes source side to receive specified httpStatus code" + }, + "response_bandwidth": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.FaultInjection.Conf.ResponseBandwidth", + "additionalProperties": true, + "description": "ResponseBandwidth if specified limits the speed of sending response body" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf", + "description": "Conf defines several types of faults, at least one fault should be specified" + }, + "kuma.mesh.v1alpha1.FaultInjection.Conf.Abort": { + "properties": { + "percentage": { + "additionalProperties": true, + "type": "number", + "description": "Percentage of requests on which abort will be injected, has to be in [0.0 - 100.0] range" + }, + "httpStatus": { + "additionalProperties": true, + "type": "integer", + "description": "HTTP status code which will be returned to source side" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Abort", + "description": "Abort defines a configuration of not delivering requests to destination service and replacing the responses from destination dataplane by predefined status code" + }, + "kuma.mesh.v1alpha1.FaultInjection.Conf.Delay": { + "properties": { + "percentage": { + "additionalProperties": true, + "type": "number", + "description": "Percentage of requests on which delay will be injected, has to be in [0.0 - 100.0] range" + }, + "value": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "The duration during which the response will be delayed", + "format": "regex" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Delay", + "description": "Delay defines configuration of delaying a response from a destination" + }, + "kuma.mesh.v1alpha1.FaultInjection.Conf.ResponseBandwidth": { + "properties": { + "percentage": { + "additionalProperties": true, + "type": "number", + "description": "Percentage of requests on which response bandwidth limit will be injected, has to be in [0.0 - 100.0] range" + }, + "limit": { + "additionalProperties": true, + "type": "string", + "description": "Limit is represented by value measure in gbps, mbps, kbps or bps, e.g. 10kbps" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Response Bandwidth", + "description": "ResponseBandwidth defines a configuration to limit the speed of responding to the requests" + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/FileLoggingBackendConfig.json b/app/docs/2.4.x/protos/FileLoggingBackendConfig.json new file mode 100644 index 000000000..7302651b2 --- /dev/null +++ b/app/docs/2.4.x/protos/FileLoggingBackendConfig.json @@ -0,0 +1,18 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/FileLoggingBackendConfig", + "definitions": { + "FileLoggingBackendConfig": { + "properties": { + "path": { + "type": "string", + "description": "Path to a file that logs will be written to" + } + }, + "additionalProperties": true, + "type": "object", + "title": "File Logging Backend Config", + "description": "FileLoggingBackendConfig defines configuration for file based access logs" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/HealthCheck.json b/app/docs/2.4.x/protos/HealthCheck.json new file mode 100644 index 000000000..495846305 --- /dev/null +++ b/app/docs/2.4.x/protos/HealthCheck.json @@ -0,0 +1,212 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/HealthCheck", + "definitions": { + "HealthCheck": { + "properties": { + "sources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match dataplanes that should be configured to do health checks." + }, + "destinations": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match services that need to be health checked." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.HealthCheck.Conf", + "additionalProperties": true, + "description": "Configuration for various types of health checking." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Health Check", + "description": "HealthCheck defines configuration for health checking." + }, + "kuma.mesh.v1alpha1.HealthCheck.Conf": { + "properties": { + "interval": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "Interval between consecutive health checks.", + "format": "regex" + }, + "timeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "Maximum time to wait for a health check response.", + "format": "regex" + }, + "unhealthy_threshold": { + "type": "integer", + "description": "Number of consecutive unhealthy checks before considering a host unhealthy." + }, + "healthy_threshold": { + "type": "integer", + "description": "Number of consecutive healthy checks before considering a host healthy." + }, + "initial_jitter": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "If specified, Envoy will start health checking after for a random time in ms between 0 and initial_jitter. This only applies to the first health check.", + "format": "regex" + }, + "interval_jitter": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "If specified, during every interval Envoy will add interval_jitter to the wait time.", + "format": "regex" + }, + "interval_jitter_percent": { + "type": "integer", + "description": "If specified, during every interval Envoy will add interval_ms * interval_jitter_percent / 100 to the wait time. If interval_jitter_ms and interval_jitter_percent are both set, both of them will be used to increase the wait time." + }, + "healthy_panic_threshold": { + "additionalProperties": true, + "type": "number", + "description": "Allows to configure panic threshold for Envoy cluster. If not specified, the default is 50%. To disable panic mode, set to 0%." + }, + "fail_traffic_on_panic": { + "additionalProperties": true, + "type": "boolean", + "description": "If set to true, Envoy will not consider any hosts when the cluster is in 'panic mode'. Instead, the cluster will fail all requests as if all hosts are unhealthy. This can help avoid potentially overwhelming a failing service." + }, + "event_log_path": { + "type": "string", + "description": "Specifies the path to the file where Envoy can log health check events. If empty, no event log will be written." + }, + "always_log_health_check_failures": { + "additionalProperties": true, + "type": "boolean", + "description": "If set to true, health check failure events will always be logged. If set to false, only the initial health check failure event will be logged. The default value is false." + }, + "no_traffic_interval": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "The \"no traffic interval\" is a special health check interval that is used when a cluster has never had traffic routed to it. This lower interval allows cluster information to be kept up to date, without sending a potentially large amount of active health checking traffic for no reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the standard health check interval that is defined. Note that this interval takes precedence over any other. The default value for \"no traffic interval\" is 60 seconds.", + "format": "regex" + }, + "tcp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.HealthCheck.Conf.Tcp", + "additionalProperties": true + }, + "http": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.HealthCheck.Conf.Http", + "additionalProperties": true + }, + "reuse_connection": { + "additionalProperties": true, + "type": "boolean", + "description": "Reuse health check connection between health checks. Default is true." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf", + "description": "Conf defines configuration for various types of health checking." + }, + "kuma.mesh.v1alpha1.HealthCheck.Conf.Http": { + "properties": { + "path": { + "type": "string", + "description": "The HTTP path which will be requested during the health check (ie. /health) +required" + }, + "request_headers_to_add": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.HealthCheck.Conf.Http.HeaderValueOption" + }, + "type": "array", + "description": "The list of HTTP headers which should be added to each health check request +optional" + }, + "expected_statuses": { + "items": { + "type": "integer", + "title": "U Int 32 Value", + "description": "Wrapper message for `uint32`. The JSON representation for `UInt32Value` is JSON number." + }, + "type": "array", + "description": "List of HTTP response statuses which are considered healthy +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Http", + "description": "Http defines optional Http configuration which will instruct the service the health check will be made for is an http service. It's mutually exclusive with the Tcp block so when provided you can't provide the Tcp configuration" + }, + "kuma.mesh.v1alpha1.HealthCheck.Conf.Http.HeaderValue": { + "properties": { + "key": { + "type": "string", + "description": "Header name +required" + }, + "value": { + "type": "string", + "description": "Header value +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Header Value" + }, + "kuma.mesh.v1alpha1.HealthCheck.Conf.Http.HeaderValueOption": { + "properties": { + "header": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.HealthCheck.Conf.Http.HeaderValue", + "additionalProperties": true, + "description": "Key/Value representation of the HTTP header +required" + }, + "append": { + "additionalProperties": true, + "type": "boolean", + "description": "The bool value which if true (default) will mean the header values should be appended to already present ones +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Header Value Option" + }, + "kuma.mesh.v1alpha1.HealthCheck.Conf.Tcp": { + "properties": { + "send": { + "additionalProperties": true, + "type": "string", + "description": "Bytes which will be send during the health check to the target" + }, + "receive": { + "items": { + "type": "string", + "title": "Bytes Value", + "description": "Wrapper message for `bytes`. The JSON representation for `BytesValue` is JSON string." + }, + "type": "array", + "description": "Bytes blocks expected as a response. When checking the response, “fuzzy” matching is performed such that each block must be found, and in the order specified, but not necessarily contiguous." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Tcp", + "description": "Tcp defines optional configuration for specifying bytes to send and expected response during the health check" + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/HttpMethod.json b/app/docs/2.4.x/protos/HttpMethod.json new file mode 100644 index 000000000..71495c878 --- /dev/null +++ b/app/docs/2.4.x/protos/HttpMethod.json @@ -0,0 +1,34 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "enum": [ + "NONE", + 0, + "CONNECT", + 1, + "DELETE", + 2, + "GET", + 3, + "HEAD", + 4, + "OPTIONS", + 5, + "PATCH", + 6, + "POST", + 7, + "PUT", + 8, + "TRACE", + 9 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Http Method" +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/KumaDpVersion.json b/app/docs/2.4.x/protos/KumaDpVersion.json new file mode 100644 index 000000000..2d087b8c8 --- /dev/null +++ b/app/docs/2.4.x/protos/KumaDpVersion.json @@ -0,0 +1,34 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/KumaDpVersion", + "definitions": { + "KumaDpVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Kuma Dataplane" + }, + "gitTag": { + "type": "string", + "description": "Git tag of Kuma Dataplane version" + }, + "gitCommit": { + "type": "string", + "description": "Git commit of Kuma Dataplane version" + }, + "buildDate": { + "type": "string", + "description": "Build date of Kuma Dataplane version" + }, + "kumaCpCompatible": { + "type": "boolean", + "description": "True iff Kuma DP version is compatible with Kuma CP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Kuma Dp Version", + "description": "KumaDpVersion describes details of Kuma Dataplane version" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/KumaResource.json b/app/docs/2.4.x/protos/KumaResource.json new file mode 100644 index 000000000..a4781295d --- /dev/null +++ b/app/docs/2.4.x/protos/KumaResource.json @@ -0,0 +1,49 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/KumaResource", + "definitions": { + "KumaResource": { + "properties": { + "meta": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.KumaResource.Meta", + "additionalProperties": true + }, + "spec": { + "properties": { + "type_url": { + "type": "string", + "description": "A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics." + }, + "value": { + "type": "string", + "description": "Must be a valid serialized protocol buffer of the above specified type.", + "format": "binary", + "binaryEncoding": "base64" + } + }, + "additionalProperties": true, + "type": "object" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Kuma Resource" + }, + "kuma.mesh.v1alpha1.KumaResource.Meta": { + "properties": { + "name": { + "type": "string" + }, + "mesh": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Meta" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Logging.json b/app/docs/2.4.x/protos/Logging.json new file mode 100644 index 000000000..e86a46b02 --- /dev/null +++ b/app/docs/2.4.x/protos/Logging.json @@ -0,0 +1,49 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Logging", + "definitions": { + "Logging": { + "properties": { + "defaultBackend": { + "type": "string", + "description": "Name of the default backend" + }, + "backends": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.LoggingBackend" + }, + "type": "array", + "description": "List of available logging backends" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Logging" + }, + "kuma.mesh.v1alpha1.LoggingBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend, can be then used in Mesh.logging.defaultBackend or in TrafficLogging" + }, + "format": { + "type": "string", + "description": "Format of access logs. Placeholders available on https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log" + }, + "type": { + "type": "string", + "description": "Type of the backend (Kuma ships with 'tcp' and 'file')" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Logging Backend", + "description": "LoggingBackend defines logging backend available to mesh. Backends can be used in TrafficLog rules." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/LoggingBackend.json b/app/docs/2.4.x/protos/LoggingBackend.json new file mode 100644 index 000000000..d1770d208 --- /dev/null +++ b/app/docs/2.4.x/protos/LoggingBackend.json @@ -0,0 +1,31 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/LoggingBackend", + "definitions": { + "LoggingBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend, can be then used in Mesh.logging.defaultBackend or in TrafficLogging" + }, + "format": { + "type": "string", + "description": "Format of access logs. Placeholders available on https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log" + }, + "type": { + "type": "string", + "description": "Type of the backend (Kuma ships with 'tcp' and 'file')" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Logging Backend", + "description": "LoggingBackend defines logging backend available to mesh. Backends can be used in TrafficLog rules." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Mesh.json b/app/docs/2.4.x/protos/Mesh.json new file mode 100644 index 000000000..1c52da2e2 --- /dev/null +++ b/app/docs/2.4.x/protos/Mesh.json @@ -0,0 +1,386 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Mesh", + "definitions": { + "Mesh": { + "properties": { + "mtls": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Mesh.Mtls", + "additionalProperties": true, + "description": "mTLS settings. +optional" + }, + "tracing": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Tracing", + "additionalProperties": true, + "description": "Tracing settings. +optional" + }, + "logging": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Logging", + "additionalProperties": true, + "description": "Logging settings. +optional" + }, + "metrics": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Metrics", + "additionalProperties": true, + "description": "Configuration for metrics collected and exposed by dataplanes. Settings defined here become defaults for every dataplane in a given Mesh. Additionally, it is also possible to further customize this configuration for each dataplane individually using Dataplane resource. +optional" + }, + "networking": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Networking", + "additionalProperties": true, + "description": "Networking settings of the mesh" + }, + "routing": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Routing", + "additionalProperties": true, + "description": "Routing settings of the mesh" + }, + "constraints": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Mesh.Constraints", + "additionalProperties": true, + "description": "Constraints that applies to the mesh and its entities" + }, + "skipCreatingInitialPolicies": { + "items": { + "type": "string" + }, + "type": "array", + "description": "List of policies to skip creating by default when the mesh is created. e.g. TrafficPermission, MeshRetry, etc. An '*' can be used to skip all policies." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Mesh", + "description": "Mesh defines configuration of a single mesh." + }, + "kuma.mesh.v1alpha1.CertificateAuthorityBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend" + }, + "type": { + "type": "string", + "description": "Type of the backend. Has to be one of the loaded plugins (Kuma ships with builtin and provided)" + }, + "dpCert": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CertificateAuthorityBackend.DpCert", + "additionalProperties": true, + "description": "Dataplane certificate settings" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + }, + "mode": { + "enum": [ + "STRICT", + 0, + "PERMISSIVE", + 1 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Mode" + }, + "rootChain": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CertificateAuthorityBackend.RootChain", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Certificate Authority Backend", + "description": "CertificateAuthorityBackend defines Certificate Authority backend" + }, + "kuma.mesh.v1alpha1.CertificateAuthorityBackend.DpCert": { + "properties": { + "rotation": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CertificateAuthorityBackend.DpCert.Rotation", + "additionalProperties": true, + "description": "Rotation settings" + }, + "requestTimeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "Timeout on request to CA for DP certificate generation and retrieval", + "format": "regex" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dp Cert", + "description": "DpCert defines settings for certificates generated for Dataplanes" + }, + "kuma.mesh.v1alpha1.CertificateAuthorityBackend.DpCert.Rotation": { + "properties": { + "expiration": { + "type": "string", + "description": "Time after which generated certificate for Dataplane will expire" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Rotation", + "description": "Rotation defines rotation settings for Dataplane certificate" + }, + "kuma.mesh.v1alpha1.CertificateAuthorityBackend.RootChain": { + "properties": { + "requestTimeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "Timeout on request for to CA for root certificate chain. If not specified, defaults to 10s.", + "format": "regex" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Root Chain", + "description": "RootChain defines settings related to CA root certificate chain." + }, + "kuma.mesh.v1alpha1.Logging": { + "properties": { + "defaultBackend": { + "type": "string", + "description": "Name of the default backend" + }, + "backends": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.LoggingBackend" + }, + "type": "array", + "description": "List of available logging backends" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Logging" + }, + "kuma.mesh.v1alpha1.LoggingBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend, can be then used in Mesh.logging.defaultBackend or in TrafficLogging" + }, + "format": { + "type": "string", + "description": "Format of access logs. Placeholders available on https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log" + }, + "type": { + "type": "string", + "description": "Type of the backend (Kuma ships with 'tcp' and 'file')" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Logging Backend", + "description": "LoggingBackend defines logging backend available to mesh. Backends can be used in TrafficLog rules." + }, + "kuma.mesh.v1alpha1.Mesh.Constraints": { + "properties": { + "dataplaneProxy": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Mesh.DataplaneProxyConstraints", + "additionalProperties": true, + "description": "DataplaneProxyMembership defines a set of requirements for data plane proxies to be a member of the mesh." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Constraints", + "description": "Constraints to apply to the mesh and its entities" + }, + "kuma.mesh.v1alpha1.Mesh.DataplaneProxyConstraints": { + "properties": { + "requirements": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Mesh.DataplaneProxyConstraints.Rules" + }, + "type": "array", + "description": "Requirements defines a set of requirements that data plane proxies must fulfill in order to join the mesh. A data plane proxy must fulfill at least one requirement in order to join the mesh. Empty list of allowed requirements means that any proxy that is not explicitly denied can join." + }, + "restrictions": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Mesh.DataplaneProxyConstraints.Rules" + }, + "type": "array", + "description": "Restrictions defines a set of restrictions that data plane proxies cannot fulfill in order to join the mesh. A data plane proxy cannot fulfill any requirement in order to join the mesh. Restrictions takes precedence over requirements." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dataplane Proxy Constraints" + }, + "kuma.mesh.v1alpha1.Mesh.DataplaneProxyConstraints.Rules": { + "properties": { + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags defines set of required tags. You can specify '*' in value to require non empty value of tag" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Rules", + "description": "Rules defines a set of rules for data plane proxies to be member of the mesh." + }, + "kuma.mesh.v1alpha1.Mesh.Mtls": { + "properties": { + "enabledBackend": { + "type": "string", + "description": "Name of the enabled backend" + }, + "backends": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.CertificateAuthorityBackend" + }, + "type": "array", + "description": "List of available Certificate Authority backends" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Mtls", + "description": "mTLS settings of a Mesh." + }, + "kuma.mesh.v1alpha1.Metrics": { + "properties": { + "enabledBackend": { + "type": "string", + "description": "Name of the enabled backend" + }, + "backends": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MetricsBackend" + }, + "type": "array", + "description": "List of available Metrics backends" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Metrics", + "description": "Metrics defines configuration for metrics that should be collected and exposed by dataplanes." + }, + "kuma.mesh.v1alpha1.MetricsBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend, can be then used in Mesh.metrics.enabledBackend" + }, + "type": { + "type": "string", + "description": "Type of the backend (Kuma ships with 'prometheus')" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Metrics Backend", + "description": "MetricsBackend defines metric backends" + }, + "kuma.mesh.v1alpha1.Networking": { + "properties": { + "outbound": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Networking.Outbound", + "additionalProperties": true, + "description": "Outbound settings" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Networking", + "description": "Networking defines the networking configuration of the mesh" + }, + "kuma.mesh.v1alpha1.Networking.Outbound": { + "properties": { + "passthrough": { + "additionalProperties": true, + "type": "boolean", + "description": "Control the passthrough cluster" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Outbound", + "description": "Outbound describes the common mesh outbound settings" + }, + "kuma.mesh.v1alpha1.Routing": { + "properties": { + "localityAwareLoadBalancing": { + "type": "boolean", + "description": "Enable the Locality Aware Load Balancing" + }, + "zoneEgress": { + "type": "boolean", + "description": "Enable routing traffic to services in other zone or external services through ZoneEgress. Default: false" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Routing", + "description": "Routing defines configuration for the routing in the mesh" + }, + "kuma.mesh.v1alpha1.Tracing": { + "properties": { + "defaultBackend": { + "type": "string", + "description": "Name of the default backend" + }, + "backends": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TracingBackend" + }, + "type": "array", + "description": "List of available tracing backends" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Tracing", + "description": "Tracing defines tracing configuration of the mesh." + }, + "kuma.mesh.v1alpha1.TracingBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend, can be then used in Mesh.tracing.defaultBackend or in TrafficTrace" + }, + "sampling": { + "additionalProperties": true, + "type": "number", + "description": "Percentage of traces that will be sent to the backend (range 0.0 - 100.0). Empty value defaults to 100.0%" + }, + "type": { + "type": "string", + "description": "Type of the backend (Kuma ships with 'zipkin')" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Tracing Backend", + "description": "TracingBackend defines tracing backend available to mesh. Backends can be used in TrafficTrace rules." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/MeshGateway.json b/app/docs/2.4.x/protos/MeshGateway.json new file mode 100644 index 000000000..79692f693 --- /dev/null +++ b/app/docs/2.4.x/protos/MeshGateway.json @@ -0,0 +1,202 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/MeshGateway", + "definitions": { + "MeshGateway": { + "properties": { + "selectors": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "Selectors is a list of selectors that are used to match builtin gateway dataplanes that will receive this MeshGateway configuration." + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags is the set of tags common to all of the gateway's listeners. This field must not include a `kuma.io/service` tag (the service is always defined on the dataplanes)." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGateway.Conf", + "additionalProperties": true, + "description": "The desired configuration of the MeshGateway." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Mesh Gateway", + "description": "MeshGateway is a virtual proxy. Each MeshGateway is bound to a set of builtin gateway dataplanes. Each builtin dataplane instance can host exactly one Gateway proxy configuration. Gateway aligns with the Kubernetes Gateway API. See that spec for detailed documentation." + }, + "kuma.mesh.v1alpha1.MeshGateway.Conf": { + "properties": { + "listeners": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGateway.Listener" + }, + "type": "array", + "description": "Listeners define logical endpoints that are bound on this MeshGateway's address(es)." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf", + "description": "Conf defines the desired state of MeshGateway. Aligns with MeshGatewaySpec." + }, + "kuma.mesh.v1alpha1.MeshGateway.Listener": { + "properties": { + "hostname": { + "type": "string", + "description": "Hostname specifies the virtual hostname to match for protocol types that define this concept. When unspecified, \"\", or `*`, all hostnames are matched. This field can be omitted for protocols that don't require hostname based matching." + }, + "port": { + "type": "integer", + "description": "Port is the network port. Multiple listeners may use the same port, subject to the Listener compatibility rules." + }, + "protocol": { + "enum": [ + "NONE", + 0, + "TCP", + 1, + "TLS", + 3, + "HTTP", + 4, + "HTTPS", + 5 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Protocol" + }, + "tls": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGateway.TLS.Conf", + "additionalProperties": true, + "description": "TLS is the TLS configuration for the Listener. This field is required if the Protocol field is \"HTTPS\" or \"TLS\" and ignored otherwise." + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags specifies a unique combination of tags that routes can use to match themselves to this listener. When matching routes to listeners, the control plane constructs a set of matching tags for each listener by forming the union of the gateway tags and the listener tags. A route will be attached to the listener if all of the route's tags are preset in the matching tags" + }, + "crossMesh": { + "type": "boolean", + "description": "CrossMesh enables traffic to flow to this listener only from other meshes." + }, + "resources": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGateway.Listener.Resources", + "additionalProperties": true, + "description": "Resources is used to specify listener-specific resource settings." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Listener" + }, + "kuma.mesh.v1alpha1.MeshGateway.Listener.Resources": { + "properties": { + "connection_limit": { + "type": "integer" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Resources" + }, + "kuma.mesh.v1alpha1.MeshGateway.TLS.Conf": { + "properties": { + "mode": { + "enum": [ + "NONE", + 0, + "TERMINATE", + 1, + "PASSTHROUGH", + 2 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Mode" + }, + "certificates": { + "items": { + "$ref": "#/definitions/kuma.system.v1alpha1.DataSource" + }, + "type": "array", + "description": "Certificates is an array of datasources that contain TLS certificates and private keys. Each datasource must contain a sequence of PEM-encoded objects. The server certificate and private key are required, but additional certificates are allowed and will be added to the certificate chain. The server certificate must be the first certificate in the datasource. When multiple certificate datasources are configured, they must have different key types. In practice, this means that one datasource should contain an RSA key and certificate, and the other an ECDSA key and certificate." + }, + "options": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGateway.TLS.Options", + "additionalProperties": true, + "description": "Options should eventually configure how TLS is configured. This is where cipher suite and version configuration can be specified, client certificates enforced, and so on." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf", + "description": "Aligns with MeshGatewayTLSConfig." + }, + "kuma.mesh.v1alpha1.MeshGateway.TLS.Options": { + "additionalProperties": true, + "type": "object", + "title": "Options", + "description": "TODO(jpeach)" + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + }, + "kuma.system.v1alpha1.DataSource": { + "properties": { + "secret": { + "type": "string", + "description": "Data source is a secret with given Secret key." + }, + "file": { + "type": "string", + "description": "Data source is a path to a file. Deprecated, use other sources of a data." + }, + "inline": { + "additionalProperties": true, + "type": "string", + "description": "Data source is inline bytes." + }, + "inlineString": { + "type": "string", + "description": "Data source is inline string" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Data Source", + "description": "DataSource defines the source of bytes to use." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/MeshGatewayRoute.json b/app/docs/2.4.x/protos/MeshGatewayRoute.json new file mode 100644 index 000000000..1ccb5b377 --- /dev/null +++ b/app/docs/2.4.x/protos/MeshGatewayRoute.json @@ -0,0 +1,442 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/MeshGatewayRoute", + "definitions": { + "MeshGatewayRoute": { + "properties": { + "selectors": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "Selectors is used to match this resource to MeshGateway listener." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.Conf", + "additionalProperties": true, + "description": "Conf specifies the route configuration." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Mesh Gateway Route" + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.Backend": { + "properties": { + "weight": { + "type": "integer", + "description": "Weight is the proportion of requests this backend will receive when a forwarding rules specifies multiple backends. Traffic weight is computed as \"weight/sum(all weights)\". A weight of 0 means that the destination will be ignored." + }, + "destination": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Destination is a selector to match the individual endpoints to which the gateway will forward." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Backend", + "description": "Backend selects a target for HTTP request forwarding." + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.Conf": { + "properties": { + "tcp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.TcpRoute", + "additionalProperties": true + }, + "http": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute", + "additionalProperties": true, + "title": "TlsRoute tls = 3;", + "description": "TlsRoute tls = 3;" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf" + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute": { + "properties": { + "hostnames": { + "items": { + "type": "string" + }, + "type": "array", + "description": "Hostnames lists the server names for which this route is valid. The hostnames are matched against the TLS Server Name Indication extension if this is a TLS session. They are also matched against the HTTP host (authority) header in the client's HTTP request." + }, + "rules": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Rule" + }, + "type": "array", + "description": "Rules specifies how the gateway should match and process HTTP requests." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Http Route", + "description": "HTTP routes are valid for listeners that accept HTTP/1.1 and HTTP/2 over both TCP and TLS." + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter": { + "properties": { + "request_header": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.HeaderFilter", + "additionalProperties": true + }, + "mirror": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.Mirror", + "additionalProperties": true + }, + "redirect": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.Redirect", + "additionalProperties": true + }, + "rewrite": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.Rewrite", + "additionalProperties": true + }, + "response_header": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.HeaderFilter", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Filter" + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.HeaderFilter": { + "properties": { + "set": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.HeaderFilter.Header" + }, + "type": "array" + }, + "add": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.HeaderFilter.Header" + }, + "type": "array" + }, + "remove": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Header Filter" + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.HeaderFilter.Header": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Header" + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.Mirror": { + "properties": { + "backend": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.Backend", + "additionalProperties": true, + "description": "Backend denotes the service to which requests will be mirrored. The \"weight\" field must not be given." + }, + "percentage": { + "additionalProperties": true, + "type": "number", + "description": "Percentage specifies the percentage of requests to mirror to the backend (in the range 0.0 - 100.0, inclusive)." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Mirror", + "description": "The mirror filter sends a percentage of HTTP requests to the given backend. The gateway ignores any responses to these requests." + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.Redirect": { + "properties": { + "scheme": { + "type": "string", + "description": "The scheme for the redirect URL. Usually \"http\" or \"https\"." + }, + "hostname": { + "type": "string", + "description": "The hostname to redirect to." + }, + "port": { + "type": "integer", + "description": "The port to redirect to." + }, + "status_code": { + "type": "integer", + "description": "The HTTP response status code. This must be in the range 300 - 308." + }, + "path": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.Rewrite", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Redirect", + "description": "The redirect filter responds to the HTTP request immediately, without forwarding it to any backend. The response is a HTTP redirect message." + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter.Rewrite": { + "properties": { + "replace_full": { + "type": "string" + }, + "replace_prefix_match": { + "type": "string", + "description": "Note that rewriting \"/prefix\" to \"/\" will do the right thing: - the path \"/prefix\" is rewritten to \"/\" - the path \"/prefix/rest\" is rewritten to \"/rest\"" + }, + "host_to_backend_hostname": { + "type": "boolean", + "description": "Option to indicate that during forwarding, the host header should be swapped with the hostname of the upstream host chosen by the Envoy's cluster manager. BE AWARE: - it's mutually exclusive with request_header filter which explicitly replaces \"host\" header" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Rewrite" + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Match": { + "properties": { + "path": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Match.Path", + "additionalProperties": true + }, + "method": { + "enum": [ + "NONE", + 0, + "CONNECT", + 1, + "DELETE", + 2, + "GET", + 3, + "HEAD", + 4, + "OPTIONS", + 5, + "PATCH", + 6, + "POST", + 7, + "PUT", + 8, + "TRACE", + 9 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Http Method" + }, + "headers": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Match.Header" + }, + "type": "array" + }, + "query_parameters": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Match.Query" + }, + "type": "array" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Match", + "description": "Match specifies the criteria for when a HTTP request matches a rule. The match is only considered successful if all of the specified conditions succeed (AND semantics). At least one match condition must be given." + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Match.Header": { + "properties": { + "match": { + "enum": [ + "EXACT", + 0, + "REGEX", + 1, + "ABSENT", + 2, + "PRESENT", + 3 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Match Type" + }, + "name": { + "type": "string", + "description": "Name of the HTTP header containing the value to match." + }, + "value": { + "type": "string", + "description": "Value that the HTTP header value should be matched against." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Header", + "description": "Header matches a value in a HTTP request header. Not that if the header is defined to have multiple values, a REGEX match must be used to match a specific value." + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Match.Path": { + "properties": { + "match": { + "enum": [ + "EXACT", + 0, + "PREFIX", + 1, + "REGEX", + 2 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Match Type" + }, + "value": { + "minLength": 1, + "type": "string", + "description": "Value is the path to match against. For EXACT and PREFIX match types, it must be a HTTP URI path. For the REGEX match type, it must be a RE2 regular expression. Note that a PREFIX match succeeds only if the prefix is the the entire path or is followed by a /. I.e. a prefix of the path in terms of path elements." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Path", + "description": "Path matches may be \"EXACT\", \"PREFIX\", or \"REGEX\" matches. If the match type is not specified, \"EXACT\" is the default." + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Match.Query": { + "properties": { + "match": { + "enum": [ + "EXACT", + 0, + "REGEX", + 1 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Match Type" + }, + "name": { + "type": "string", + "description": "Name of the query parameter containing the value to match." + }, + "value": { + "type": "string", + "description": "Value that the query parameter value should be matched against." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Query", + "description": "Query matches against HTTP request query parameters." + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Rule": { + "properties": { + "matches": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Match" + }, + "type": "array", + "description": "Matches are checked in order. If any match is successful, the rule is selected (OR semantics)." + }, + "filters": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.HttpRoute.Filter" + }, + "type": "array", + "description": "Filters are request processing steps that are applied to matched requests. If the redirect filter is specified, it must be the only filter given." + }, + "backends": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.Backend" + }, + "type": "array", + "description": "Backends is the set of services to which the gateway will forward requests. If a redirect filter is specified, no backends are allowed. Otherwise, at least one backend must be given." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Rule" + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.TcpRoute": { + "properties": { + "rules": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.TcpRoute.Rule" + }, + "type": "array" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Tcp Route", + "description": "TCP routes are valid for listeners that accept connections over TCP." + }, + "kuma.mesh.v1alpha1.MeshGatewayRoute.TcpRoute.Rule": { + "properties": { + "backends": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshGatewayRoute.Backend" + }, + "type": "array" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Rule", + "description": "repeated Match matches = 1;" + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/MeshInsight.json b/app/docs/2.4.x/protos/MeshInsight.json new file mode 100644 index 000000000..36b0d45fc --- /dev/null +++ b/app/docs/2.4.x/protos/MeshInsight.json @@ -0,0 +1,153 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/MeshInsight", + "definitions": { + "MeshInsight": { + "properties": { + "dataplanes": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.DataplaneStat", + "additionalProperties": true + }, + "policies": { + "additionalProperties": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.PolicyStat", + "additionalProperties": true + }, + "type": "object" + }, + "dpVersions": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.DpVersions", + "additionalProperties": true + }, + "mTLS": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.MTLS", + "additionalProperties": true, + "description": "mTLS statistics" + }, + "services": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.ServiceStat", + "additionalProperties": true + }, + "dataplanesByType": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.DataplanesByType", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Mesh Insight", + "description": "MeshInsight defines the observed state of a Mesh." + }, + "kuma.mesh.v1alpha1.MeshInsight.DataplaneStat": { + "properties": { + "total": { + "type": "integer" + }, + "online": { + "type": "integer" + }, + "offline": { + "type": "integer" + }, + "partially_degraded": { + "type": "integer" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dataplane Stat", + "description": "DataplaneStat defines statistic specifically for Dataplane" + }, + "kuma.mesh.v1alpha1.MeshInsight.DataplanesByType": { + "properties": { + "standard": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.DataplaneStat", + "additionalProperties": true + }, + "gateway": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.DataplaneStat", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dataplanes By Type", + "description": "DataplanesByType defines statistics splitted by dataplane types" + }, + "kuma.mesh.v1alpha1.MeshInsight.DpVersions": { + "properties": { + "kumaDp": { + "additionalProperties": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.DataplaneStat", + "additionalProperties": true + }, + "type": "object", + "description": "Dataplane stats grouped by KumaDP version" + }, + "envoy": { + "additionalProperties": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.DataplaneStat", + "additionalProperties": true + }, + "type": "object", + "description": "Dataplane stats grouped by Envoy version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dp Versions", + "description": "DpVersions defines statistics grouped by dataplane versions" + }, + "kuma.mesh.v1alpha1.MeshInsight.MTLS": { + "properties": { + "issuedBackends": { + "additionalProperties": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.DataplaneStat", + "additionalProperties": true + }, + "type": "object", + "description": "Dataplanes grouped by issued backends." + }, + "supportedBackends": { + "additionalProperties": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MeshInsight.DataplaneStat", + "additionalProperties": true + }, + "type": "object", + "description": "Dataplanes grouped by supported backends." + } + }, + "additionalProperties": true, + "type": "object", + "title": "MTLS" + }, + "kuma.mesh.v1alpha1.MeshInsight.PolicyStat": { + "properties": { + "total": { + "type": "integer" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Policy Stat", + "description": "PolicyStat defines statistic for all policies in general" + }, + "kuma.mesh.v1alpha1.MeshInsight.ServiceStat": { + "properties": { + "total": { + "type": "integer" + }, + "internal": { + "type": "integer" + }, + "external": { + "type": "integer" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Service Stat", + "description": "ServiceStat defines statistics of mesh services" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Message.json b/app/docs/2.4.x/protos/Message.json new file mode 100644 index 000000000..f8fd4b1df --- /dev/null +++ b/app/docs/2.4.x/protos/Message.json @@ -0,0 +1,789 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Message", + "definitions": { + "Message": { + "properties": { + "legacy_request": { + "$ref": "#/definitions/envoy.api.v2.DiscoveryRequest", + "additionalProperties": true + }, + "legacy_response": { + "$ref": "#/definitions/envoy.api.v2.DiscoveryResponse", + "additionalProperties": true + }, + "request": { + "$ref": "#/definitions/envoy.service.discovery.v3.DiscoveryRequest", + "additionalProperties": true + }, + "response": { + "$ref": "#/definitions/envoy.service.discovery.v3.DiscoveryResponse", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Message" + }, + "envoy.api.v2.DiscoveryRequest": { + "properties": { + "version_info": { + "type": "string", + "description": "The version_info provided in the request messages will be the version_info received with the most recent successfully processed response or empty on the first request. It is expected that no new request is sent after a response is received until the Envoy instance is ready to ACK/NACK the new configuration. ACK/NACK takes place by returning the new API config version as applied or the previous API config version respectively. Each type_url (see below) has an independent version associated with it." + }, + "node": { + "$ref": "#/definitions/envoy.api.v2.core.Node", + "additionalProperties": true, + "description": "The node making the request." + }, + "resource_names": { + "items": { + "type": "string" + }, + "type": "array", + "description": "List of resources to subscribe to, e.g. list of cluster names or a route configuration name. If this is empty, all resources for the API are returned. LDS/CDS may have empty resource_names, which will cause all resources for the Envoy instance to be returned. The LDS and CDS responses will then imply a number of resources that need to be fetched via EDS/RDS, which will be explicitly enumerated in resource_names." + }, + "type_url": { + "type": "string", + "description": "Type of the resource that is being requested, e.g. \"type.googleapis.com/envoy.api.v2.ClusterLoadAssignment\". This is implicit in requests made via singleton xDS APIs such as CDS, LDS, etc. but is required for ADS." + }, + "response_nonce": { + "type": "string", + "description": "nonce corresponding to DiscoveryResponse being ACK/NACKed. See above discussion on version_info and the DiscoveryResponse nonce comment. This may be empty only if 1) this is a non-persistent-stream xDS such as HTTP, or 2) the client has not yet accepted an update in this xDS stream (unlike delta, where it is populated only for new explicit ACKs)." + }, + "error_detail": { + "$ref": "#/definitions/google.rpc.Status", + "additionalProperties": true, + "description": "This is populated when the previous :ref:`DiscoveryResponse \u003cenvoy_api_msg_DiscoveryResponse\u003e` failed to update configuration. The *message* field in *error_details* provides the Envoy internal exception related to the failure. It is only intended for consumption during manual debugging, the string provided is not guaranteed to be stable across Envoy versions." + } + }, + "additionalProperties": true, + "type": "object", + "title": "[#protodoc-title: Common discovery API components]", + "description": "[#protodoc-title: Common discovery API components] A DiscoveryRequest requests a set of versioned resources of the same type for a given Envoy node on some API. [#next-free-field: 7]" + }, + "envoy.api.v2.DiscoveryResponse": { + "properties": { + "version_info": { + "type": "string", + "description": "The version of the response data." + }, + "resources": { + "items": { + "properties": { + "type_url": { + "type": "string", + "description": "A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics." + }, + "value": { + "type": "string", + "description": "Must be a valid serialized protocol buffer of the above specified type.", + "format": "binary", + "binaryEncoding": "base64" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Any", + "description": "`Any` contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message. Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type. Example 1: Pack and unpack a message in C++. Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(\u0026foo)) { ... } Example 2: Pack and unpack a message in Java. Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) { foo = any.unpack(Foo.class); } Example 3: Pack and unpack a message in Python. foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ... Example 4: Pack and unpack a message in Go foo := \u0026pb.Foo{...} any, err := anypb.New(foo) if err != nil { ... } ... foo := \u0026pb.Foo{} if err := any.UnmarshalTo(foo); err != nil { ... } The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example \"foo.bar.com/x/y.z\" will yield type name \"y.z\". JSON The JSON representation of an `Any` value uses the regular representation of the deserialized, embedded message, with an additional field `@type` which contains the type URL. Example: package google.profile; message Person { string first_name = 1; string last_name = 2; } { \"@type\": \"type.googleapis.com/google.profile.Person\", \"firstName\": \u003cstring\u003e, \"lastName\": \u003cstring\u003e } If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field `value` which holds the custom JSON in addition to the `@type` field. Example (for message [google.protobuf.Duration][]): { \"@type\": \"type.googleapis.com/google.protobuf.Duration\", \"value\": \"1.212s\" }" + }, + "type": "array", + "description": "The response resources. These resources are typed and depend on the API being called." + }, + "canary": { + "type": "boolean", + "description": "[#not-implemented-hide:] Canary is used to support two Envoy command line flags: * --terminate-on-canary-transition-failure. When set, Envoy is able to terminate if it detects that configuration is stuck at canary. Consider this example sequence of updates: - Management server applies a canary config successfully. - Management server rolls back to a production config. - Envoy rejects the new production config. Since there is no sensible way to continue receiving configuration updates, Envoy will then terminate and apply production config from a clean slate. * --dry-run-canary. When set, a canary response will never be applied, only validated via a dry run." + }, + "type_url": { + "type": "string", + "description": "Type URL for resources. Identifies the xDS API when muxing over ADS. Must be consistent with the type_url in the 'resources' repeated Any (if non-empty)." + }, + "nonce": { + "type": "string", + "description": "For gRPC based subscriptions, the nonce provides a way to explicitly ack a specific DiscoveryResponse in a following DiscoveryRequest. Additional messages may have been sent by Envoy to the management server for the previous version on the stream prior to this DiscoveryResponse, that were unprocessed at response send time. The nonce allows the management server to ignore any further DiscoveryRequests for the previous version until a DiscoveryRequest bearing the nonce. The nonce is optional and is not required for non-stream based xDS implementations." + }, + "control_plane": { + "$ref": "#/definitions/envoy.api.v2.core.ControlPlane", + "additionalProperties": true, + "description": "[#not-implemented-hide:] The control plane instance that sent the response." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Response", + "description": "[#next-free-field: 7]" + }, + "envoy.api.v2.core.Address": { + "properties": { + "socket_address": { + "$ref": "#/definitions/envoy.api.v2.core.SocketAddress", + "additionalProperties": true + }, + "pipe": { + "$ref": "#/definitions/envoy.api.v2.core.Pipe", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Address", + "description": "Addresses specify either a logical or physical address and port, which are used to tell Envoy where to bind/listen, connect to upstream and find management servers." + }, + "envoy.api.v2.core.BuildVersion": { + "properties": { + "version": { + "$ref": "#/definitions/envoy.type.SemanticVersion", + "additionalProperties": true, + "description": "SemVer version of extension." + }, + "metadata": { + "additionalProperties": true, + "type": "object", + "description": "Free-form build information. Envoy defines several well known keys in the source/common/version/version.h file" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Build Version", + "description": "BuildVersion combines SemVer version of extension with free-form build information (i.e. 'alpha', 'private-build') as a set of strings." + }, + "envoy.api.v2.core.ControlPlane": { + "properties": { + "identifier": { + "type": "string", + "description": "An opaque control plane identifier that uniquely identifies an instance of control plane. This can be used to identify which control plane instance, the Envoy is connected to." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Control Plane", + "description": "Identifies a specific ControlPlane instance that Envoy is connected to." + }, + "envoy.api.v2.core.Extension": { + "properties": { + "name": { + "type": "string", + "description": "This is the name of the Envoy filter as specified in the Envoy configuration, e.g. envoy.filters.http.router, com.acme.widget." + }, + "category": { + "type": "string", + "description": "Category of the extension. Extension category names use reverse DNS notation. For instance \"envoy.filters.listener\" for Envoy's built-in listener filters or \"com.acme.filters.http\" for HTTP filters from acme.com vendor. [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.]" + }, + "type_descriptor": { + "type": "string", + "description": "[#not-implemented-hide:] Type descriptor of extension configuration proto. [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.] [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.]" + }, + "version": { + "$ref": "#/definitions/envoy.api.v2.core.BuildVersion", + "additionalProperties": true, + "description": "The version is a property of the extension and maintained independently of other extensions and the Envoy API. This field is not set when extension did not provide version information." + }, + "disabled": { + "type": "boolean", + "description": "Indicates that the extension is present but was disabled via dynamic configuration." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Extension", + "description": "Version and identification for an Envoy extension. [#next-free-field: 6]" + }, + "envoy.api.v2.core.Locality": { + "properties": { + "region": { + "type": "string", + "description": "Region this :ref:`zone \u003cenvoy_api_field_core.Locality.zone\u003e` belongs to." + }, + "zone": { + "type": "string", + "description": "Defines the local service zone where Envoy is running. Though optional, it should be set if discovery service routing is used and the discovery service exposes :ref:`zone data \u003cenvoy_api_field_endpoint.LocalityLbEndpoints.locality\u003e`, either in this message or via :option:`--service-zone`. The meaning of zone is context dependent, e.g. `Availability Zone (AZ) \u003chttps://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html\u003e`_ on AWS, `Zone \u003chttps://cloud.google.com/compute/docs/regions-zones/\u003e`_ on GCP, etc." + }, + "sub_zone": { + "type": "string", + "description": "When used for locality of upstream hosts, this field further splits zone into smaller chunks of sub-zones so they can be load balanced independently." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Locality", + "description": "Identifies location of where either Envoy runs or where upstream hosts run." + }, + "envoy.api.v2.core.Node": { + "properties": { + "id": { + "type": "string", + "description": "An opaque node identifier for the Envoy node. This also provides the local service node name. It should be set if any of the following features are used: :ref:`statsd \u003carch_overview_statistics\u003e`, :ref:`CDS \u003cconfig_cluster_manager_cds\u003e`, and :ref:`HTTP tracing \u003carch_overview_tracing\u003e`, either in this message or via :option:`--service-node`." + }, + "cluster": { + "type": "string", + "description": "Defines the local service cluster name where Envoy is running. Though optional, it should be set if any of the following features are used: :ref:`statsd \u003carch_overview_statistics\u003e`, :ref:`health check cluster verification \u003cenvoy_api_field_core.HealthCheck.HttpHealthCheck.service_name_matcher\u003e`, :ref:`runtime override directory \u003cenvoy_api_msg_config.bootstrap.v2.Runtime\u003e`, :ref:`user agent addition \u003cenvoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.add_user_agent\u003e`, :ref:`HTTP global rate limiting \u003cconfig_http_filters_rate_limit\u003e`, :ref:`CDS \u003cconfig_cluster_manager_cds\u003e`, and :ref:`HTTP tracing \u003carch_overview_tracing\u003e`, either in this message or via :option:`--service-cluster`." + }, + "metadata": { + "additionalProperties": true, + "type": "object", + "description": "Opaque metadata extending the node identifier. Envoy will pass this directly to the management server." + }, + "locality": { + "$ref": "#/definitions/envoy.api.v2.core.Locality", + "additionalProperties": true, + "description": "Locality specifying where the Envoy instance is running." + }, + "build_version": { + "type": "string", + "description": "This is motivated by informing a management server during canary which version of Envoy is being tested in a heterogeneous fleet. This will be set by Envoy in management server RPCs. This field is deprecated in favor of the user_agent_name and user_agent_version values." + }, + "user_agent_name": { + "type": "string", + "description": "Free-form string that identifies the entity requesting config. E.g. \"envoy\" or \"grpc\"" + }, + "user_agent_version": { + "type": "string", + "description": "Free-form string that identifies the version of the entity requesting config. E.g. \"1.12.2\" or \"abcd1234\", or \"SpecialEnvoyBuild\"" + }, + "user_agent_build_version": { + "$ref": "#/definitions/envoy.api.v2.core.BuildVersion", + "additionalProperties": true, + "description": "Structured version of the entity requesting config." + }, + "extensions": { + "items": { + "$ref": "#/definitions/envoy.api.v2.core.Extension" + }, + "type": "array", + "description": "List of extensions and their versions supported by the node." + }, + "client_features": { + "items": { + "type": "string" + }, + "type": "array", + "description": "Client feature support list. These are well known features described in the Envoy API repository for a given major version of an API. Client features use reverse DNS naming scheme, for example `com.acme.feature`. See :ref:`the list of features \u003cclient_features\u003e` that xDS client may support." + }, + "listening_addresses": { + "items": { + "$ref": "#/definitions/envoy.api.v2.core.Address" + }, + "type": "array", + "description": "Known listening ports on the node as a generic hint to the management server for filtering :ref:`listeners \u003cconfig_listeners\u003e` to be returned. For example, if there is a listener bound to port 80, the list can optionally contain the SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Node", + "description": "Identifies a specific Envoy instance. The node identifier is presented to the management server, which may use this identifier to distinguish per Envoy configuration for serving. [#next-free-field: 12]" + }, + "envoy.api.v2.core.Pipe": { + "properties": { + "path": { + "type": "string", + "description": "Unix Domain Socket path. On Linux, paths starting with '@' will use the abstract namespace. The starting '@' is replaced by a null byte by Envoy. Paths starting with '@' will result in an error in environments other than Linux." + }, + "mode": { + "type": "integer", + "description": "The mode for the Pipe. Not applicable for abstract sockets." + } + }, + "additionalProperties": true, + "type": "object", + "title": "[#protodoc-title: Network addresses]", + "description": "[#protodoc-title: Network addresses]" + }, + "envoy.api.v2.core.SocketAddress": { + "properties": { + "protocol": { + "enum": [ + "TCP", + 0, + "UDP", + 1 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Protocol" + }, + "address": { + "type": "string", + "description": "The address for this socket. :ref:`Listeners \u003cconfig_listeners\u003e` will bind to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::`` to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: It is possible to distinguish a Listener address via the prefix/suffix matching in :ref:`FilterChainMatch \u003cenvoy_api_msg_listener.FilterChainMatch\u003e`.] When used within an upstream :ref:`BindConfig \u003cenvoy_api_msg_core.BindConfig\u003e`, the address controls the source address of outbound connections. For :ref:`clusters \u003cenvoy_api_msg_Cluster\u003e`, the cluster type determines whether the address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized via :ref:`resolver_name \u003cenvoy_api_field_core.SocketAddress.resolver_name\u003e`." + }, + "port_value": { + "type": "integer" + }, + "named_port": { + "type": "string", + "description": "This is only valid if :ref:`resolver_name \u003cenvoy_api_field_core.SocketAddress.resolver_name\u003e` is specified below and the named resolver is capable of named port resolution." + }, + "resolver_name": { + "type": "string", + "description": "The name of the custom resolver. This must have been registered with Envoy. If this is empty, a context dependent default applies. If the address is a concrete IP address, no resolution will occur. If address is a hostname this should be set for resolution other than DNS. Specifying a custom resolver with *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime." + }, + "ipv4_compat": { + "type": "boolean", + "description": "When binding to an IPv6 address above, this enables `IPv4 compatibility \u003chttps://tools.ietf.org/html/rfc3493#page-11\u003e`_. Binding to ``::`` will allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into IPv6 space as ``::FFFF:\u003cIPv4-address\u003e``." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Socket Address", + "description": "[#next-free-field: 7]" + }, + "envoy.config.core.v3.Address": { + "properties": { + "socket_address": { + "$ref": "#/definitions/envoy.config.core.v3.SocketAddress", + "additionalProperties": true + }, + "pipe": { + "$ref": "#/definitions/envoy.config.core.v3.Pipe", + "additionalProperties": true + }, + "envoy_internal_address": { + "$ref": "#/definitions/envoy.config.core.v3.EnvoyInternalAddress", + "additionalProperties": true, + "description": "Specifies a user-space address handled by :ref:`internal listeners \u003cenvoy_v3_api_field_config.listener.v3.Listener.internal_listener\u003e`." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Address", + "description": "Addresses specify either a logical or physical address and port, which are used to tell Envoy where to bind/listen, connect to upstream and find management servers." + }, + "envoy.config.core.v3.BuildVersion": { + "properties": { + "version": { + "$ref": "#/definitions/envoy.type.v3.SemanticVersion", + "additionalProperties": true, + "description": "SemVer version of extension." + }, + "metadata": { + "additionalProperties": true, + "type": "object", + "description": "Free-form build information. Envoy defines several well known keys in the source/common/version/version.h file" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Build Version", + "description": "BuildVersion combines SemVer version of extension with free-form build information (i.e. 'alpha', 'private-build') as a set of strings." + }, + "envoy.config.core.v3.ControlPlane": { + "properties": { + "identifier": { + "type": "string", + "description": "An opaque control plane identifier that uniquely identifies an instance of control plane. This can be used to identify which control plane instance, the Envoy is connected to." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Control Plane", + "description": "Identifies a specific ControlPlane instance that Envoy is connected to." + }, + "envoy.config.core.v3.EnvoyInternalAddress": { + "properties": { + "server_listener_name": { + "type": "string", + "description": "Specifies the :ref:`name \u003cenvoy_v3_api_field_config.listener.v3.Listener.name\u003e` of the internal listener." + }, + "endpoint_id": { + "type": "string", + "description": "Specifies an endpoint identifier to distinguish between multiple endpoints for the same internal listener in a single upstream pool. Only used in the upstream addresses for tracking changes to individual endpoints. This, for example, may be set to the final destination IP for the target internal listener." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Internal Address", + "description": "The address represents an envoy internal listener. [#comment: TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30.]" + }, + "envoy.config.core.v3.Extension": { + "properties": { + "name": { + "type": "string", + "description": "This is the name of the Envoy filter as specified in the Envoy configuration, e.g. envoy.filters.http.router, com.acme.widget." + }, + "category": { + "type": "string", + "description": "Category of the extension. Extension category names use reverse DNS notation. For instance \"envoy.filters.listener\" for Envoy's built-in listener filters or \"com.acme.filters.http\" for HTTP filters from acme.com vendor. [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.]" + }, + "type_descriptor": { + "type": "string", + "description": "[#not-implemented-hide:] Type descriptor of extension configuration proto. [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.] [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.]" + }, + "version": { + "$ref": "#/definitions/envoy.config.core.v3.BuildVersion", + "additionalProperties": true, + "description": "The version is a property of the extension and maintained independently of other extensions and the Envoy API. This field is not set when extension did not provide version information." + }, + "disabled": { + "type": "boolean", + "description": "Indicates that the extension is present but was disabled via dynamic configuration." + }, + "type_urls": { + "items": { + "type": "string" + }, + "type": "array", + "description": "Type URLs of extension configuration protos." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Extension", + "description": "Version and identification for an Envoy extension. [#next-free-field: 7]" + }, + "envoy.config.core.v3.Locality": { + "properties": { + "region": { + "type": "string", + "description": "Region this :ref:`zone \u003cenvoy_v3_api_field_config.core.v3.Locality.zone\u003e` belongs to." + }, + "zone": { + "type": "string", + "description": "Defines the local service zone where Envoy is running. Though optional, it should be set if discovery service routing is used and the discovery service exposes :ref:`zone data \u003cenvoy_v3_api_field_config.endpoint.v3.LocalityLbEndpoints.locality\u003e`, either in this message or via :option:`--service-zone`. The meaning of zone is context dependent, e.g. `Availability Zone (AZ) \u003chttps://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html\u003e`_ on AWS, `Zone \u003chttps://cloud.google.com/compute/docs/regions-zones/\u003e`_ on GCP, etc." + }, + "sub_zone": { + "type": "string", + "description": "When used for locality of upstream hosts, this field further splits zone into smaller chunks of sub-zones so they can be load balanced independently." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Locality", + "description": "Identifies location of where either Envoy runs or where upstream hosts run." + }, + "envoy.config.core.v3.Node": { + "properties": { + "id": { + "type": "string", + "description": "An opaque node identifier for the Envoy node. This also provides the local service node name. It should be set if any of the following features are used: :ref:`statsd \u003carch_overview_statistics\u003e`, :ref:`CDS \u003cconfig_cluster_manager_cds\u003e`, and :ref:`HTTP tracing \u003carch_overview_tracing\u003e`, either in this message or via :option:`--service-node`." + }, + "cluster": { + "type": "string", + "description": "Defines the local service cluster name where Envoy is running. Though optional, it should be set if any of the following features are used: :ref:`statsd \u003carch_overview_statistics\u003e`, :ref:`health check cluster verification \u003cenvoy_v3_api_field_config.core.v3.HealthCheck.HttpHealthCheck.service_name_matcher\u003e`, :ref:`runtime override directory \u003cenvoy_v3_api_msg_config.bootstrap.v3.Runtime\u003e`, :ref:`user agent addition \u003cenvoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.add_user_agent\u003e`, :ref:`HTTP global rate limiting \u003cconfig_http_filters_rate_limit\u003e`, :ref:`CDS \u003cconfig_cluster_manager_cds\u003e`, and :ref:`HTTP tracing \u003carch_overview_tracing\u003e`, either in this message or via :option:`--service-cluster`." + }, + "metadata": { + "additionalProperties": true, + "type": "object", + "description": "Opaque metadata extending the node identifier. Envoy will pass this directly to the management server." + }, + "dynamic_parameters": { + "additionalProperties": { + "$ref": "#/definitions/xds.core.v3.ContextParams", + "additionalProperties": true + }, + "type": "object", + "description": "Map from xDS resource type URL to dynamic context parameters. These may vary at runtime (unlike other fields in this message). For example, the xDS client may have a shard identifier that changes during the lifetime of the xDS client. In Envoy, this would be achieved by updating the dynamic context on the Server::Instance's LocalInfo context provider. The shard ID dynamic parameter then appears in this field during future discovery requests." + }, + "locality": { + "$ref": "#/definitions/envoy.config.core.v3.Locality", + "additionalProperties": true, + "description": "Locality specifying where the Envoy instance is running." + }, + "user_agent_name": { + "type": "string", + "description": "Free-form string that identifies the entity requesting config. E.g. \"envoy\" or \"grpc\"" + }, + "user_agent_version": { + "type": "string", + "description": "Free-form string that identifies the version of the entity requesting config. E.g. \"1.12.2\" or \"abcd1234\", or \"SpecialEnvoyBuild\"" + }, + "user_agent_build_version": { + "$ref": "#/definitions/envoy.config.core.v3.BuildVersion", + "additionalProperties": true, + "description": "Structured version of the entity requesting config." + }, + "extensions": { + "items": { + "$ref": "#/definitions/envoy.config.core.v3.Extension" + }, + "type": "array", + "description": "List of extensions and their versions supported by the node." + }, + "client_features": { + "items": { + "type": "string" + }, + "type": "array", + "description": "Client feature support list. These are well known features described in the Envoy API repository for a given major version of an API. Client features use reverse DNS naming scheme, for example ``com.acme.feature``. See :ref:`the list of features \u003cclient_features\u003e` that xDS client may support." + }, + "listening_addresses": { + "items": { + "$ref": "#/definitions/envoy.config.core.v3.Address" + }, + "type": "array", + "description": "Known listening ports on the node as a generic hint to the management server for filtering :ref:`listeners \u003cconfig_listeners\u003e` to be returned. For example, if there is a listener bound to port 80, the list can optionally contain the SocketAddress ``(0.0.0.0,80)``. The field is optional and just a hint." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Node", + "description": "Identifies a specific Envoy instance. The node identifier is presented to the management server, which may use this identifier to distinguish per Envoy configuration for serving. [#next-free-field: 13]" + }, + "envoy.config.core.v3.Pipe": { + "properties": { + "path": { + "minLength": 1, + "type": "string", + "description": "Unix Domain Socket path. On Linux, paths starting with '@' will use the abstract namespace. The starting '@' is replaced by a null byte by Envoy. Paths starting with '@' will result in an error in environments other than Linux." + }, + "mode": { + "type": "integer", + "description": "The mode for the Pipe. Not applicable for abstract sockets." + } + }, + "additionalProperties": true, + "type": "object", + "title": "[#protodoc-title: Network addresses]", + "description": "[#protodoc-title: Network addresses]" + }, + "envoy.config.core.v3.SocketAddress": { + "properties": { + "protocol": { + "enum": [ + "TCP", + 0, + "UDP", + 1 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Protocol" + }, + "address": { + "minLength": 1, + "type": "string", + "description": "The address for this socket. :ref:`Listeners \u003cconfig_listeners\u003e` will bind to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::`` to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: It is possible to distinguish a Listener address via the prefix/suffix matching in :ref:`FilterChainMatch \u003cenvoy_v3_api_msg_config.listener.v3.FilterChainMatch\u003e`.] When used within an upstream :ref:`BindConfig \u003cenvoy_v3_api_msg_config.core.v3.BindConfig\u003e`, the address controls the source address of outbound connections. For :ref:`clusters \u003cenvoy_v3_api_msg_config.cluster.v3.Cluster\u003e`, the cluster type determines whether the address must be an IP (``STATIC`` or ``EDS`` clusters) or a hostname resolved by DNS (``STRICT_DNS`` or ``LOGICAL_DNS`` clusters). Address resolution can be customized via :ref:`resolver_name \u003cenvoy_v3_api_field_config.core.v3.SocketAddress.resolver_name\u003e`." + }, + "port_value": { + "type": "integer" + }, + "named_port": { + "type": "string", + "description": "This is only valid if :ref:`resolver_name \u003cenvoy_v3_api_field_config.core.v3.SocketAddress.resolver_name\u003e` is specified below and the named resolver is capable of named port resolution." + }, + "resolver_name": { + "type": "string", + "description": "The name of the custom resolver. This must have been registered with Envoy. If this is empty, a context dependent default applies. If the address is a concrete IP address, no resolution will occur. If address is a hostname this should be set for resolution other than DNS. Specifying a custom resolver with ``STRICT_DNS`` or ``LOGICAL_DNS`` will generate an error at runtime." + }, + "ipv4_compat": { + "type": "boolean", + "description": "When binding to an IPv6 address above, this enables `IPv4 compatibility \u003chttps://tools.ietf.org/html/rfc3493#page-11\u003e`_. Binding to ``::`` will allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into IPv6 space as ``::FFFF:\u003cIPv4-address\u003e``." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Socket Address", + "description": "[#next-free-field: 7]" + }, + "envoy.service.discovery.v3.DiscoveryRequest": { + "properties": { + "version_info": { + "type": "string", + "description": "The version_info provided in the request messages will be the version_info received with the most recent successfully processed response or empty on the first request. It is expected that no new request is sent after a response is received until the Envoy instance is ready to ACK/NACK the new configuration. ACK/NACK takes place by returning the new API config version as applied or the previous API config version respectively. Each type_url (see below) has an independent version associated with it." + }, + "node": { + "$ref": "#/definitions/envoy.config.core.v3.Node", + "additionalProperties": true, + "description": "The node making the request." + }, + "resource_names": { + "items": { + "type": "string" + }, + "type": "array", + "description": "List of resources to subscribe to, e.g. list of cluster names or a route configuration name. If this is empty, all resources for the API are returned. LDS/CDS may have empty resource_names, which will cause all resources for the Envoy instance to be returned. The LDS and CDS responses will then imply a number of resources that need to be fetched via EDS/RDS, which will be explicitly enumerated in resource_names." + }, + "resource_locators": { + "items": { + "$ref": "#/definitions/envoy.service.discovery.v3.ResourceLocator" + }, + "type": "array", + "description": "[#not-implemented-hide:] Alternative to ``resource_names`` field that allows specifying dynamic parameters along with each resource name. Clients that populate this field must be able to handle responses from the server where resources are wrapped in a Resource message. Note that it is legal for a request to have some resources listed in ``resource_names`` and others in ``resource_locators``." + }, + "type_url": { + "type": "string", + "description": "Type of the resource that is being requested, e.g. \"type.googleapis.com/envoy.api.v2.ClusterLoadAssignment\". This is implicit in requests made via singleton xDS APIs such as CDS, LDS, etc. but is required for ADS." + }, + "response_nonce": { + "type": "string", + "description": "nonce corresponding to DiscoveryResponse being ACK/NACKed. See above discussion on version_info and the DiscoveryResponse nonce comment. This may be empty only if 1) this is a non-persistent-stream xDS such as HTTP, or 2) the client has not yet accepted an update in this xDS stream (unlike delta, where it is populated only for new explicit ACKs)." + }, + "error_detail": { + "$ref": "#/definitions/google.rpc.Status", + "additionalProperties": true, + "description": "This is populated when the previous :ref:`DiscoveryResponse \u003cenvoy_v3_api_msg_service.discovery.v3.DiscoveryResponse\u003e` failed to update configuration. The ``message`` field in ``error_details`` provides the Envoy internal exception related to the failure. It is only intended for consumption during manual debugging, the string provided is not guaranteed to be stable across Envoy versions." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Request", + "description": "A DiscoveryRequest requests a set of versioned resources of the same type for a given Envoy node on some API. [#next-free-field: 8]" + }, + "envoy.service.discovery.v3.DiscoveryResponse": { + "properties": { + "version_info": { + "type": "string", + "description": "The version of the response data." + }, + "resources": { + "items": { + "properties": { + "type_url": { + "type": "string", + "description": "A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics." + }, + "value": { + "type": "string", + "description": "Must be a valid serialized protocol buffer of the above specified type.", + "format": "binary", + "binaryEncoding": "base64" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Any", + "description": "`Any` contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message. Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type. Example 1: Pack and unpack a message in C++. Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(\u0026foo)) { ... } Example 2: Pack and unpack a message in Java. Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) { foo = any.unpack(Foo.class); } Example 3: Pack and unpack a message in Python. foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ... Example 4: Pack and unpack a message in Go foo := \u0026pb.Foo{...} any, err := anypb.New(foo) if err != nil { ... } ... foo := \u0026pb.Foo{} if err := any.UnmarshalTo(foo); err != nil { ... } The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example \"foo.bar.com/x/y.z\" will yield type name \"y.z\". JSON The JSON representation of an `Any` value uses the regular representation of the deserialized, embedded message, with an additional field `@type` which contains the type URL. Example: package google.profile; message Person { string first_name = 1; string last_name = 2; } { \"@type\": \"type.googleapis.com/google.profile.Person\", \"firstName\": \u003cstring\u003e, \"lastName\": \u003cstring\u003e } If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field `value` which holds the custom JSON in addition to the `@type` field. Example (for message [google.protobuf.Duration][]): { \"@type\": \"type.googleapis.com/google.protobuf.Duration\", \"value\": \"1.212s\" }" + }, + "type": "array", + "description": "The response resources. These resources are typed and depend on the API being called." + }, + "canary": { + "type": "boolean", + "description": "[#not-implemented-hide:] Canary is used to support two Envoy command line flags: * --terminate-on-canary-transition-failure. When set, Envoy is able to terminate if it detects that configuration is stuck at canary. Consider this example sequence of updates: - Management server applies a canary config successfully. - Management server rolls back to a production config. - Envoy rejects the new production config. Since there is no sensible way to continue receiving configuration updates, Envoy will then terminate and apply production config from a clean slate. * --dry-run-canary. When set, a canary response will never be applied, only validated via a dry run." + }, + "type_url": { + "type": "string", + "description": "Type URL for resources. Identifies the xDS API when muxing over ADS. Must be consistent with the type_url in the 'resources' repeated Any (if non-empty)." + }, + "nonce": { + "type": "string", + "description": "For gRPC based subscriptions, the nonce provides a way to explicitly ack a specific DiscoveryResponse in a following DiscoveryRequest. Additional messages may have been sent by Envoy to the management server for the previous version on the stream prior to this DiscoveryResponse, that were unprocessed at response send time. The nonce allows the management server to ignore any further DiscoveryRequests for the previous version until a DiscoveryRequest bearing the nonce. The nonce is optional and is not required for non-stream based xDS implementations." + }, + "control_plane": { + "$ref": "#/definitions/envoy.config.core.v3.ControlPlane", + "additionalProperties": true, + "description": "The control plane instance that sent the response." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Response", + "description": "[#next-free-field: 7]" + }, + "envoy.service.discovery.v3.ResourceLocator": { + "properties": { + "name": { + "type": "string", + "description": "The resource name to subscribe to." + }, + "dynamic_parameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "A set of dynamic parameters used to match against the dynamic parameter constraints on the resource. This allows clients to select between multiple variants of the same resource." + } + }, + "additionalProperties": true, + "type": "object", + "title": "[#protodoc-title: Common discovery API components]", + "description": "[#protodoc-title: Common discovery API components] Specifies a resource to be subscribed to." + }, + "envoy.type.SemanticVersion": { + "properties": { + "major_number": { + "type": "integer" + }, + "minor_number": { + "type": "integer" + }, + "patch": { + "type": "integer" + } + }, + "additionalProperties": true, + "type": "object", + "title": "[#protodoc-title: Semantic Version]", + "description": "[#protodoc-title: Semantic Version] Envoy uses SemVer (https://semver.org/). Major/minor versions indicate expected behaviors and APIs, the patch version field is used only for security fixes and can be generally ignored." + }, + "envoy.type.v3.SemanticVersion": { + "properties": { + "major_number": { + "type": "integer" + }, + "minor_number": { + "type": "integer" + }, + "patch": { + "type": "integer" + } + }, + "additionalProperties": true, + "type": "object", + "title": "[#protodoc-title: Semantic version]", + "description": "[#protodoc-title: Semantic version] Envoy uses SemVer (https://semver.org/). Major/minor versions indicate expected behaviors and APIs, the patch version field is used only for security fixes and can be generally ignored." + }, + "google.rpc.Status": { + "properties": { + "code": { + "type": "integer", + "description": "The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code]." + }, + "message": { + "type": "string", + "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the [google.rpc.Status.details][google.rpc.Status.details] field, or localized by the client." + }, + "details": { + "items": { + "properties": { + "type_url": { + "type": "string", + "description": "A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics." + }, + "value": { + "type": "string", + "description": "Must be a valid serialized protocol buffer of the above specified type.", + "format": "binary", + "binaryEncoding": "base64" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Any", + "description": "`Any` contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message. Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type. Example 1: Pack and unpack a message in C++. Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(\u0026foo)) { ... } Example 2: Pack and unpack a message in Java. Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) { foo = any.unpack(Foo.class); } Example 3: Pack and unpack a message in Python. foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ... Example 4: Pack and unpack a message in Go foo := \u0026pb.Foo{...} any, err := anypb.New(foo) if err != nil { ... } ... foo := \u0026pb.Foo{} if err := any.UnmarshalTo(foo); err != nil { ... } The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example \"foo.bar.com/x/y.z\" will yield type name \"y.z\". JSON The JSON representation of an `Any` value uses the regular representation of the deserialized, embedded message, with an additional field `@type` which contains the type URL. Example: package google.profile; message Person { string first_name = 1; string last_name = 2; } { \"@type\": \"type.googleapis.com/google.profile.Person\", \"firstName\": \u003cstring\u003e, \"lastName\": \u003cstring\u003e } If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field `value` which holds the custom JSON in addition to the `@type` field. Example (for message [google.protobuf.Duration][]): { \"@type\": \"type.googleapis.com/google.protobuf.Duration\", \"value\": \"1.212s\" }" + }, + "type": "array", + "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Status", + "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors)." + }, + "xds.core.v3.ContextParams": { + "properties": { + "params": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Context Params", + "description": "Additional parameters that can be used to select resource variants. These include any global context parameters, per-resource type client feature capabilities and per-resource type functional attributes. All per-resource type attributes will be `xds.resource.` prefixed and some of these are documented below: `xds.resource.listening_address`: The value is \"IP:port\" (e.g. \"10.1.1.3:8080\") which is the listening address of a Listener. Used in a Listener resource query." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Metrics.json b/app/docs/2.4.x/protos/Metrics.json new file mode 100644 index 000000000..b3f79fe30 --- /dev/null +++ b/app/docs/2.4.x/protos/Metrics.json @@ -0,0 +1,46 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Metrics", + "definitions": { + "Metrics": { + "properties": { + "enabledBackend": { + "type": "string", + "description": "Name of the enabled backend" + }, + "backends": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.MetricsBackend" + }, + "type": "array", + "description": "List of available Metrics backends" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Metrics", + "description": "Metrics defines configuration for metrics that should be collected and exposed by dataplanes." + }, + "kuma.mesh.v1alpha1.MetricsBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend, can be then used in Mesh.metrics.enabledBackend" + }, + "type": { + "type": "string", + "description": "Type of the backend (Kuma ships with 'prometheus')" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Metrics Backend", + "description": "MetricsBackend defines metric backends" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/MetricsBackend.json b/app/docs/2.4.x/protos/MetricsBackend.json new file mode 100644 index 000000000..7ad44ef4b --- /dev/null +++ b/app/docs/2.4.x/protos/MetricsBackend.json @@ -0,0 +1,27 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/MetricsBackend", + "definitions": { + "MetricsBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend, can be then used in Mesh.metrics.enabledBackend" + }, + "type": { + "type": "string", + "description": "Type of the backend (Kuma ships with 'prometheus')" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Metrics Backend", + "description": "MetricsBackend defines metric backends" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Networking.json b/app/docs/2.4.x/protos/Networking.json new file mode 100644 index 000000000..771fcb1fc --- /dev/null +++ b/app/docs/2.4.x/protos/Networking.json @@ -0,0 +1,32 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Networking", + "definitions": { + "Networking": { + "properties": { + "outbound": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Networking.Outbound", + "additionalProperties": true, + "description": "Outbound settings" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Networking", + "description": "Networking defines the networking configuration of the mesh" + }, + "kuma.mesh.v1alpha1.Networking.Outbound": { + "properties": { + "passthrough": { + "additionalProperties": true, + "type": "boolean", + "description": "Control the passthrough cluster" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Outbound", + "description": "Outbound describes the common mesh outbound settings" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/PrometheusAggregateMetricsConfig.json b/app/docs/2.4.x/protos/PrometheusAggregateMetricsConfig.json new file mode 100644 index 000000000..4e5a51414 --- /dev/null +++ b/app/docs/2.4.x/protos/PrometheusAggregateMetricsConfig.json @@ -0,0 +1,35 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/PrometheusAggregateMetricsConfig", + "definitions": { + "PrometheusAggregateMetricsConfig": { + "properties": { + "name": { + "type": "string", + "description": "Name which identify given configuration." + }, + "port": { + "type": "integer", + "description": "Port on which a service expose HTTP endpoint with Prometheus metrics." + }, + "path": { + "type": "string", + "description": "Path on which a service expose HTTP endpoint with Prometheus metrics." + }, + "enabled": { + "additionalProperties": true, + "type": "boolean", + "description": "If false then the application won't be scrapped. If nil, then it is treated as true and kuma-dp scrapes metrics from the service." + }, + "address": { + "type": "string", + "description": "Address on which a service expose HTTP endpoint with Prometheus metrics." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Prometheus Aggregate Metrics Config", + "description": "PrometheusAggregateMetricsConfig defines endpoints that should be scrapped by kuma-dp for prometheus metrics. Any configuration change require sidecar restart." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/PrometheusEnvoyConfig.json b/app/docs/2.4.x/protos/PrometheusEnvoyConfig.json new file mode 100644 index 000000000..a438ec589 --- /dev/null +++ b/app/docs/2.4.x/protos/PrometheusEnvoyConfig.json @@ -0,0 +1,23 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/PrometheusEnvoyConfig", + "definitions": { + "PrometheusEnvoyConfig": { + "properties": { + "filterRegex": { + "type": "string", + "description": "FilterRegex value that is going to be passed to Envoy for filtering Envoy metrics." + }, + "usedOnly": { + "additionalProperties": true, + "type": "boolean", + "description": "If true then return metrics that Envoy has updated (counters incremented at least once, gauges changed at least once, and histograms added to at least once). If nil, then it is treated as false." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Prometheus Envoy Config", + "description": "PrometheusEnvoyConfig defines filters that should be passed to Envoy for filtering." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/PrometheusMetricsBackendConfig.json b/app/docs/2.4.x/protos/PrometheusMetricsBackendConfig.json new file mode 100644 index 000000000..05701962e --- /dev/null +++ b/app/docs/2.4.x/protos/PrometheusMetricsBackendConfig.json @@ -0,0 +1,124 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/PrometheusMetricsBackendConfig", + "definitions": { + "PrometheusMetricsBackendConfig": { + "properties": { + "port": { + "type": "integer", + "description": "Port on which a dataplane should expose HTTP endpoint with Prometheus metrics." + }, + "path": { + "type": "string", + "description": "Path on which a dataplane should expose HTTP endpoint with Prometheus metrics." + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags associated with an application this dataplane is deployed next to, e.g. service=web, version=1.0. `service` tag is mandatory." + }, + "skipMTLS": { + "additionalProperties": true, + "type": "boolean", + "description": "If true then endpoints for scraping metrics won't require mTLS even if mTLS is enabled in Mesh. If nil, then it is treated as false." + }, + "aggregate": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.PrometheusAggregateMetricsConfig" + }, + "type": "array", + "description": "Map with the configuration of applications which metrics are going to be scrapped by kuma-dp." + }, + "envoy": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.PrometheusEnvoyConfig", + "additionalProperties": true, + "description": "Configuration of Envoy's metrics." + }, + "tls": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.PrometheusTlsConfig", + "additionalProperties": true, + "description": "Configuration of TLS for prometheus listener." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Prometheus Metrics Backend Config", + "description": "PrometheusMetricsBackendConfig defines configuration of Prometheus backend" + }, + "kuma.mesh.v1alpha1.PrometheusAggregateMetricsConfig": { + "properties": { + "name": { + "type": "string", + "description": "Name which identify given configuration." + }, + "port": { + "type": "integer", + "description": "Port on which a service expose HTTP endpoint with Prometheus metrics." + }, + "path": { + "type": "string", + "description": "Path on which a service expose HTTP endpoint with Prometheus metrics." + }, + "enabled": { + "additionalProperties": true, + "type": "boolean", + "description": "If false then the application won't be scrapped. If nil, then it is treated as true and kuma-dp scrapes metrics from the service." + }, + "address": { + "type": "string", + "description": "Address on which a service expose HTTP endpoint with Prometheus metrics." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Prometheus Aggregate Metrics Config", + "description": "PrometheusAggregateMetricsConfig defines endpoints that should be scrapped by kuma-dp for prometheus metrics. Any configuration change require sidecar restart." + }, + "kuma.mesh.v1alpha1.PrometheusEnvoyConfig": { + "properties": { + "filterRegex": { + "type": "string", + "description": "FilterRegex value that is going to be passed to Envoy for filtering Envoy metrics." + }, + "usedOnly": { + "additionalProperties": true, + "type": "boolean", + "description": "If true then return metrics that Envoy has updated (counters incremented at least once, gauges changed at least once, and histograms added to at least once). If nil, then it is treated as false." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Prometheus Envoy Config", + "description": "PrometheusEnvoyConfig defines filters that should be passed to Envoy for filtering." + }, + "kuma.mesh.v1alpha1.PrometheusTlsConfig": { + "properties": { + "mode": { + "enum": [ + "activeMTLSBackend", + 0, + "providedTLS", + 1, + "disabled", + 2 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Mode" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Prometheus Tls Config", + "description": "PrometheusEnvoyConfig defines Tls configuration for Prometheus listener." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/PrometheusTlsConfig.json b/app/docs/2.4.x/protos/PrometheusTlsConfig.json new file mode 100644 index 000000000..90e6ee974 --- /dev/null +++ b/app/docs/2.4.x/protos/PrometheusTlsConfig.json @@ -0,0 +1,33 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/PrometheusTlsConfig", + "definitions": { + "PrometheusTlsConfig": { + "properties": { + "mode": { + "enum": [ + "activeMTLSBackend", + 0, + "providedTLS", + 1, + "disabled", + 2 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Mode" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Prometheus Tls Config", + "description": "PrometheusEnvoyConfig defines Tls configuration for Prometheus listener." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ProxyTemplate.json b/app/docs/2.4.x/protos/ProxyTemplate.json new file mode 100644 index 000000000..047ef6f39 --- /dev/null +++ b/app/docs/2.4.x/protos/ProxyTemplate.json @@ -0,0 +1,339 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ProxyTemplate", + "definitions": { + "ProxyTemplate": { + "properties": { + "selectors": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of Dataplane selectors." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Conf", + "additionalProperties": true, + "description": "Configuration for ProxyTemplate" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Proxy Template", + "description": "ProxyTemplate defines the desired state of ProxyTemplate" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Conf": { + "properties": { + "imports": { + "items": { + "type": "string" + }, + "type": "array", + "description": "List of imported profiles. +optional" + }, + "resources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplateRawResource" + }, + "type": "array", + "description": "List of raw xDS resources. +optional" + }, + "modifications": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Modifications" + }, + "type": "array", + "description": "List of config modifications" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Modifications": { + "properties": { + "cluster": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Modifications.Cluster", + "additionalProperties": true, + "description": "Cluster modification" + }, + "listener": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Modifications.Listener", + "additionalProperties": true, + "description": "Listener modification" + }, + "networkFilter": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Modifications.NetworkFilter", + "additionalProperties": true, + "description": "Network Filter modification" + }, + "httpFilter": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Modifications.HttpFilter", + "additionalProperties": true, + "description": "HTTP Filter modification" + }, + "virtualHost": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Modifications.VirtualHost", + "additionalProperties": true, + "description": "Virtual Host modifications" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Modifications", + "description": "Modifications to xDS config generated by Proxy Template" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Modifications.Cluster": { + "properties": { + "match": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Modifications.Cluster.Match", + "additionalProperties": true, + "description": "Only clusters that match will be modified" + }, + "operation": { + "type": "string", + "description": "Operation to apply on a cluster (add, remove, patch)" + }, + "value": { + "type": "string", + "description": "xDS cluster" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Cluster", + "description": "Cluster defines modifications to generated clusters" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Modifications.Cluster.Match": { + "properties": { + "origin": { + "type": "string", + "description": "Origin of the resource generation. (inbound, outbound, prometheus, transparent, ingress)" + }, + "name": { + "type": "string", + "description": "Name of the cluster to match" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Match", + "description": "Match defines match for cluster" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Modifications.HttpFilter": { + "properties": { + "match": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Modifications.HttpFilter.Match", + "additionalProperties": true, + "description": "Only HTTP filters that match will be modified" + }, + "operation": { + "type": "string", + "description": "Operation to apply on network filter (addFirst, addLast, addBefore, addAfter, remove, patch)" + }, + "value": { + "type": "string", + "description": "xDS HTTP filter" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Http Filter", + "description": "HttpFilter defines modifications to generated HTTP filters" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Modifications.HttpFilter.Match": { + "properties": { + "origin": { + "type": "string", + "description": "Origin of the resource generation. (inbound, outbound, prometheus, transparent, ingress)" + }, + "name": { + "type": "string", + "description": "Name of the network filter" + }, + "listenerName": { + "type": "string", + "description": "Name of the listener that http filter modifications will be applied to" + }, + "listenerTags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "ListenerTags available in Listener#Metadata#FilterMetadata[io.kuma.tags]" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Match", + "description": "Match defines match for http filter" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Modifications.Listener": { + "properties": { + "match": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Modifications.Listener.Match", + "additionalProperties": true, + "description": "Only listeners that match will be modified" + }, + "operation": { + "type": "string", + "description": "Operation to apply on a listener (add, remove, patch)" + }, + "value": { + "type": "string", + "description": "xDS listener" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Listener", + "description": "Listener defines modification to generated listeners" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Modifications.Listener.Match": { + "properties": { + "origin": { + "type": "string", + "description": "Origin of the resource generation. (inbound, outbound, prometheus, transparent, ingress)" + }, + "name": { + "type": "string", + "description": "Name of the listener to match" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags available in Listener#Metadata#FilterMetadata[io.kuma.tags]" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Match", + "description": "Match defines match for listener" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Modifications.NetworkFilter": { + "properties": { + "match": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Modifications.NetworkFilter.Match", + "additionalProperties": true, + "description": "Only network filters that match will be modified" + }, + "operation": { + "type": "string", + "description": "Operation to apply on network filter (addFirst, addLast, addBefore, addAfter, remove, patch)" + }, + "value": { + "type": "string", + "description": "xDS network filter" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Network Filter", + "description": "Listener defines modification to generated network filters" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Modifications.NetworkFilter.Match": { + "properties": { + "origin": { + "type": "string", + "description": "Origin of the resource generation. (inbound, outbound, prometheus, transparent, ingress)" + }, + "name": { + "type": "string", + "description": "Name of the network filter" + }, + "listenerName": { + "type": "string", + "description": "Name of the listener that network filter modifications will be applied to" + }, + "listenerTags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "ListenerTags available in Listener#Metadata#FilterMetadata[io.kuma.tags]" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Match", + "description": "Match defines match for network filter" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Modifications.VirtualHost": { + "properties": { + "match": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplate.Modifications.VirtualHost.Match", + "additionalProperties": true, + "description": "Only virtual hosts that match will be modified" + }, + "operation": { + "type": "string", + "description": "Operation to apply on a virtual hosts (add, remove, patch)" + }, + "value": { + "type": "string", + "description": "xDS virtual host" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Virtual Host", + "description": "VirtualHost defines modification to generated virtual hosts" + }, + "kuma.mesh.v1alpha1.ProxyTemplate.Modifications.VirtualHost.Match": { + "properties": { + "origin": { + "type": "string", + "description": "Origin of the resource generation. (inbound, outbound, prometheus, transparent, ingress)" + }, + "name": { + "type": "string", + "description": "Name of the virtual host to match" + }, + "routeConfigurationName": { + "type": "string", + "description": "Name of the route configuration" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Match", + "description": "Match defines match for virtual host" + }, + "kuma.mesh.v1alpha1.ProxyTemplateRawResource": { + "properties": { + "name": { + "type": "string", + "description": "The resource's name, to distinguish it from others of the same type of resource." + }, + "version": { + "type": "string", + "description": "The resource level version. It allows xDS to track the state of individual resources." + }, + "resource": { + "type": "string", + "description": "xDS resource." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Proxy Template Raw Resource" + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ProxyTemplateProfileSource.json b/app/docs/2.4.x/protos/ProxyTemplateProfileSource.json new file mode 100644 index 000000000..e6e130768 --- /dev/null +++ b/app/docs/2.4.x/protos/ProxyTemplateProfileSource.json @@ -0,0 +1,24 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ProxyTemplateProfileSource", + "definitions": { + "ProxyTemplateProfileSource": { + "properties": { + "name": { + "type": "string", + "description": "Profile name." + }, + "params": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Profile params if any. +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Proxy Template Profile Source" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ProxyTemplateRawResource.json b/app/docs/2.4.x/protos/ProxyTemplateRawResource.json new file mode 100644 index 000000000..a990ff764 --- /dev/null +++ b/app/docs/2.4.x/protos/ProxyTemplateRawResource.json @@ -0,0 +1,25 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ProxyTemplateRawResource", + "definitions": { + "ProxyTemplateRawResource": { + "properties": { + "name": { + "type": "string", + "description": "The resource's name, to distinguish it from others of the same type of resource." + }, + "version": { + "type": "string", + "description": "The resource level version. It allows xDS to track the state of individual resources." + }, + "resource": { + "type": "string", + "description": "xDS resource." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Proxy Template Raw Resource" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ProxyTemplateRawSource.json b/app/docs/2.4.x/protos/ProxyTemplateRawSource.json new file mode 100644 index 000000000..c7ac8bb49 --- /dev/null +++ b/app/docs/2.4.x/protos/ProxyTemplateRawSource.json @@ -0,0 +1,39 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ProxyTemplateRawSource", + "definitions": { + "ProxyTemplateRawSource": { + "properties": { + "resources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplateRawResource" + }, + "type": "array", + "description": "List of raw xDS resources. +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Proxy Template Raw Source" + }, + "kuma.mesh.v1alpha1.ProxyTemplateRawResource": { + "properties": { + "name": { + "type": "string", + "description": "The resource's name, to distinguish it from others of the same type of resource." + }, + "version": { + "type": "string", + "description": "The resource level version. It allows xDS to track the state of individual resources." + }, + "resource": { + "type": "string", + "description": "xDS resource." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Proxy Template Raw Resource" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ProxyTemplateSource.json b/app/docs/2.4.x/protos/ProxyTemplateSource.json new file mode 100644 index 000000000..d5a244749 --- /dev/null +++ b/app/docs/2.4.x/protos/ProxyTemplateSource.json @@ -0,0 +1,78 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ProxyTemplateSource", + "definitions": { + "ProxyTemplateSource": { + "properties": { + "name": { + "type": "string", + "description": "Name of a configuration source. +optional" + }, + "profile": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplateProfileSource", + "additionalProperties": true, + "description": "Profile, e.g. `default-proxy`. +optional" + }, + "raw": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplateRawSource", + "additionalProperties": true, + "description": "Raw xDS resources. +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Proxy Template Source" + }, + "kuma.mesh.v1alpha1.ProxyTemplateProfileSource": { + "properties": { + "name": { + "type": "string", + "description": "Profile name." + }, + "params": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Profile params if any. +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Proxy Template Profile Source" + }, + "kuma.mesh.v1alpha1.ProxyTemplateRawResource": { + "properties": { + "name": { + "type": "string", + "description": "The resource's name, to distinguish it from others of the same type of resource." + }, + "version": { + "type": "string", + "description": "The resource level version. It allows xDS to track the state of individual resources." + }, + "resource": { + "type": "string", + "description": "xDS resource." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Proxy Template Raw Resource" + }, + "kuma.mesh.v1alpha1.ProxyTemplateRawSource": { + "properties": { + "resources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ProxyTemplateRawResource" + }, + "type": "array", + "description": "List of raw xDS resources. +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Proxy Template Raw Source" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/RateLimit.json b/app/docs/2.4.x/protos/RateLimit.json new file mode 100644 index 000000000..afb09cba1 --- /dev/null +++ b/app/docs/2.4.x/protos/RateLimit.json @@ -0,0 +1,120 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/RateLimit", + "definitions": { + "RateLimit": { + "properties": { + "sources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match dataplanes that rate limit will be applied for" + }, + "destinations": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match services that need to be rate limited." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.RateLimit.Conf", + "additionalProperties": true, + "description": "Configuration for RateLimit +required" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Rate Limit" + }, + "kuma.mesh.v1alpha1.RateLimit.Conf": { + "properties": { + "http": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.RateLimit.Conf.Http", + "additionalProperties": true, + "description": "The HTTP RateLimit configuration +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf" + }, + "kuma.mesh.v1alpha1.RateLimit.Conf.Http": { + "properties": { + "requests": { + "type": "integer", + "description": "The number of HTTP requests this RateLimiter allows +required" + }, + "interval": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "The the interval for which `requests` will be accounted. +required", + "format": "regex" + }, + "onRateLimit": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.RateLimit.Conf.Http.OnRateLimit", + "additionalProperties": true, + "description": "Describes the actions to take on RatelLimiter event +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Http" + }, + "kuma.mesh.v1alpha1.RateLimit.Conf.Http.OnRateLimit": { + "properties": { + "status": { + "additionalProperties": true, + "type": "integer", + "description": "The HTTP status code to be set on a RateLimit event +optional" + }, + "headers": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.RateLimit.Conf.Http.OnRateLimit.HeaderValue" + }, + "type": "array", + "description": "The Headers to be added to the HTTP response on a RateLimit event +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "On Rate Limit" + }, + "kuma.mesh.v1alpha1.RateLimit.Conf.Http.OnRateLimit.HeaderValue": { + "properties": { + "key": { + "type": "string", + "description": "Header name +optional" + }, + "value": { + "type": "string", + "description": "Header value +optional" + }, + "append": { + "additionalProperties": true, + "type": "boolean", + "description": "Should the header be appended +optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Header Value" + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Retry.json b/app/docs/2.4.x/protos/Retry.json new file mode 100644 index 000000000..913d8f6b2 --- /dev/null +++ b/app/docs/2.4.x/protos/Retry.json @@ -0,0 +1,224 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Retry", + "definitions": { + "Retry": { + "properties": { + "sources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match dataplanes that retry policy should be configured for" + }, + "destinations": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match services that need to be health checked." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Retry.Conf", + "additionalProperties": true, + "description": "+required" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Retry" + }, + "kuma.mesh.v1alpha1.Retry.Conf": { + "properties": { + "http": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Retry.Conf.Http", + "additionalProperties": true + }, + "tcp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Retry.Conf.Tcp", + "additionalProperties": true + }, + "grpc": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Retry.Conf.Grpc", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf" + }, + "kuma.mesh.v1alpha1.Retry.Conf.BackOff": { + "properties": { + "base_interval": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "+required", + "format": "regex" + }, + "max_interval": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "+optional", + "format": "regex" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Back Off" + }, + "kuma.mesh.v1alpha1.Retry.Conf.Grpc": { + "properties": { + "retry_on": { + "items": { + "enum": [ + "cancelled", + 0, + "deadline_exceeded", + 1, + "internal", + 2, + "resource_exhausted", + 3, + "unavailable", + 4 + ] + }, + "type": "array", + "title": "Retry On" + }, + "num_retries": { + "additionalProperties": true, + "type": "integer", + "description": "+optional" + }, + "per_try_timeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "+optional", + "format": "regex" + }, + "back_off": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Retry.Conf.BackOff", + "additionalProperties": true, + "description": "+optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Grpc" + }, + "kuma.mesh.v1alpha1.Retry.Conf.Http": { + "properties": { + "num_retries": { + "additionalProperties": true, + "type": "integer", + "description": "+optional" + }, + "per_try_timeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "+optional", + "format": "regex" + }, + "back_off": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Retry.Conf.BackOff", + "additionalProperties": true, + "description": "+optional" + }, + "retriable_status_codes": { + "items": { + "type": "integer" + }, + "type": "array", + "description": "+optional" + }, + "retriable_methods": { + "items": { + "enum": [ + "NONE", + 0, + "CONNECT", + 1, + "DELETE", + 2, + "GET", + 3, + "HEAD", + 4, + "OPTIONS", + 5, + "PATCH", + 6, + "POST", + 7, + "PUT", + 8, + "TRACE", + 9 + ] + }, + "type": "array", + "title": "Http Method" + }, + "retry_on": { + "items": { + "enum": [ + "all_5xx", + 0, + "gateway_error", + 1, + "reset", + 2, + "connect_failure", + 3, + "envoy_ratelimited", + 4, + "retriable_4xx", + 5, + "refused_stream", + 6, + "retriable_status_codes", + 7, + "retriable_headers", + 8, + "http3_post_connect_failure", + 9 + ] + }, + "type": "array", + "title": "Http Retry On", + "description": "These options correspond with the retry_on options in Envoy's documentation: https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#config-http-filters-router-x-envoy-retry-on" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Http" + }, + "kuma.mesh.v1alpha1.Retry.Conf.Tcp": { + "properties": { + "max_connect_attempts": { + "type": "integer", + "description": "+optional" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Tcp" + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Routing.json b/app/docs/2.4.x/protos/Routing.json new file mode 100644 index 000000000..858a02b0b --- /dev/null +++ b/app/docs/2.4.x/protos/Routing.json @@ -0,0 +1,22 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Routing", + "definitions": { + "Routing": { + "properties": { + "localityAwareLoadBalancing": { + "type": "boolean", + "description": "Enable the Locality Aware Load Balancing" + }, + "zoneEgress": { + "type": "boolean", + "description": "Enable routing traffic to services in other zone or external services through ZoneEgress. Default: false" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Routing", + "description": "Routing defines configuration for the routing in the mesh" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Selector.json b/app/docs/2.4.x/protos/Selector.json new file mode 100644 index 000000000..91f0fe4af --- /dev/null +++ b/app/docs/2.4.x/protos/Selector.json @@ -0,0 +1,21 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Selector", + "definitions": { + "Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ServiceInsight.json b/app/docs/2.4.x/protos/ServiceInsight.json new file mode 100644 index 000000000..21a33e559 --- /dev/null +++ b/app/docs/2.4.x/protos/ServiceInsight.json @@ -0,0 +1,100 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ServiceInsight", + "definitions": { + "ServiceInsight": { + "properties": { + "services": { + "additionalProperties": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ServiceInsight.Service", + "additionalProperties": true + }, + "type": "object" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Service Insight" + }, + "kuma.mesh.v1alpha1.ServiceInsight.Service": { + "properties": { + "status": { + "enum": [ + "none", + 0, + "offline", + 1, + "partially_degraded", + 2, + "online", + 3, + "not_available", + 4 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Status" + }, + "dataplanes": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ServiceInsight.Service.DataplaneStat", + "additionalProperties": true + }, + "issuedBackends": { + "additionalProperties": { + "type": "integer" + }, + "type": "object" + }, + "serviceType": { + "enum": [ + "internal", + 0, + "external", + 1, + "gateway_delegated", + 2, + "gateway_builtin", + 3 + ], + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "title": "Type" + }, + "addressPort": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Service" + }, + "kuma.mesh.v1alpha1.ServiceInsight.Service.DataplaneStat": { + "properties": { + "total": { + "type": "integer" + }, + "online": { + "type": "integer" + }, + "offline": { + "type": "integer" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Dataplane Stat" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/StatsRequest.json b/app/docs/2.4.x/protos/StatsRequest.json new file mode 100644 index 000000000..a94577050 --- /dev/null +++ b/app/docs/2.4.x/protos/StatsRequest.json @@ -0,0 +1,30 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/StatsRequest", + "definitions": { + "StatsRequest": { + "properties": { + "request_id": { + "type": "string", + "description": "RequestID is a UUID of a request so we can correlate requests with response on one stream." + }, + "resource_type": { + "type": "string", + "description": "Type of resource (Dataplane, ZoneIngress, ZoneEgress)" + }, + "resource_name": { + "type": "string", + "description": "Name of the resource on which we execute kuma-dp stats request." + }, + "resource_mesh": { + "type": "string", + "description": "Mesh of the resource on which we execute kuma-dp stats request. Should be empty for ZoneIngress, ZoneEgress." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Stats Request", + "description": "StatsRequest is a request for kuma-dp stats that is executed on Zone CP." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/StatsResponse.json b/app/docs/2.4.x/protos/StatsResponse.json new file mode 100644 index 000000000..e64f5f98c --- /dev/null +++ b/app/docs/2.4.x/protos/StatsResponse.json @@ -0,0 +1,28 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/StatsResponse", + "definitions": { + "StatsResponse": { + "properties": { + "request_id": { + "type": "string", + "description": "RequestID is a UUID that was set by the Global CP." + }, + "error": { + "type": "string", + "description": "Error that was captured by the Zone CP when executing kuma-dp stats request." + }, + "stats": { + "type": "string", + "description": "The stats content that is a successful result of kuma-dp stats execution.", + "format": "binary", + "binaryEncoding": "base64" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Stats Response", + "description": "StatsResponse is a response containing result of kuma-dp stats execution on Zone CP." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/TcpLoggingBackendConfig.json b/app/docs/2.4.x/protos/TcpLoggingBackendConfig.json new file mode 100644 index 000000000..ce4ae7037 --- /dev/null +++ b/app/docs/2.4.x/protos/TcpLoggingBackendConfig.json @@ -0,0 +1,18 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/TcpLoggingBackendConfig", + "definitions": { + "TcpLoggingBackendConfig": { + "properties": { + "address": { + "type": "string", + "description": "Address to TCP service that will receive logs" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Tcp Logging Backend Config", + "description": "TcpLoggingBackendConfig defines configuration for TCP based access logs" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Timeout.json b/app/docs/2.4.x/protos/Timeout.json new file mode 100644 index 000000000..e6d1694c2 --- /dev/null +++ b/app/docs/2.4.x/protos/Timeout.json @@ -0,0 +1,138 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Timeout", + "definitions": { + "Timeout": { + "properties": { + "sources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match dataplanes that are sources of traffic." + }, + "destinations": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match services that are destinations of traffic." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Timeout.Conf", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Timeout" + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + }, + "kuma.mesh.v1alpha1.Timeout.Conf": { + "properties": { + "connect_timeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "ConnectTimeout defines time to establish connection", + "format": "regex" + }, + "tcp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Timeout.Conf.Tcp", + "additionalProperties": true + }, + "http": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Timeout.Conf.Http", + "additionalProperties": true + }, + "grpc": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Timeout.Conf.Grpc", + "additionalProperties": true, + "description": "Deprecated: set parameters through Http section" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf" + }, + "kuma.mesh.v1alpha1.Timeout.Conf.Grpc": { + "properties": { + "stream_idle_timeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "StreamIdleTimeout is the amount of time that the connection manager will allow a stream to exist with no upstream or downstream activity Deprecated: use Http.StreamIdleTimeout instead", + "format": "regex" + }, + "max_stream_duration": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "MaxStreamDuration is the maximum time that a stream’s lifetime will span Deprecated: use Http.MaxStreamDuration instead", + "format": "regex" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Grpc", + "description": "Grpc defines timeouts that are applied when the protocol is GRPC" + }, + "kuma.mesh.v1alpha1.Timeout.Conf.Http": { + "properties": { + "request_timeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "RequestTimeout is a span between the point at which the entire downstream request (i.e. end-of-stream) has been processed and when the upstream response has been completely processed", + "format": "regex" + }, + "idle_timeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "IdleTimeout is the time at which a downstream or upstream connection will be terminated if there are no active streams", + "format": "regex" + }, + "stream_idle_timeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "StreamIdleTimeout is the amount of time that the connection manager will allow a stream to exist with no upstream or downstream activity", + "format": "regex" + }, + "max_stream_duration": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "MaxStreamDuration is the maximum time that a stream’s lifetime will span", + "format": "regex" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Http", + "description": "Http defines timeouts that are applied when the protocol is HTTP" + }, + "kuma.mesh.v1alpha1.Timeout.Conf.Tcp": { + "properties": { + "idle_timeout": { + "pattern": "^([0-9]+\\.?[0-9]*|\\.[0-9]+)s$", + "type": "string", + "description": "IdleTimeout is defined as the period in which there are no bytes sent or received on either the upstream or downstream connection", + "format": "regex" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Tcp", + "description": "Tcp defines timeouts that are applied when the protocol is TCP" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Tracing.json b/app/docs/2.4.x/protos/Tracing.json new file mode 100644 index 000000000..b7cc2dbef --- /dev/null +++ b/app/docs/2.4.x/protos/Tracing.json @@ -0,0 +1,51 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Tracing", + "definitions": { + "Tracing": { + "properties": { + "defaultBackend": { + "type": "string", + "description": "Name of the default backend" + }, + "backends": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TracingBackend" + }, + "type": "array", + "description": "List of available tracing backends" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Tracing", + "description": "Tracing defines tracing configuration of the mesh." + }, + "kuma.mesh.v1alpha1.TracingBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend, can be then used in Mesh.tracing.defaultBackend or in TrafficTrace" + }, + "sampling": { + "additionalProperties": true, + "type": "number", + "description": "Percentage of traces that will be sent to the backend (range 0.0 - 100.0). Empty value defaults to 100.0%" + }, + "type": { + "type": "string", + "description": "Type of the backend (Kuma ships with 'zipkin')" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Tracing Backend", + "description": "TracingBackend defines tracing backend available to mesh. Backends can be used in TrafficTrace rules." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/TracingBackend.json b/app/docs/2.4.x/protos/TracingBackend.json new file mode 100644 index 000000000..4bf433707 --- /dev/null +++ b/app/docs/2.4.x/protos/TracingBackend.json @@ -0,0 +1,32 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/TracingBackend", + "definitions": { + "TracingBackend": { + "properties": { + "name": { + "type": "string", + "description": "Name of the backend, can be then used in Mesh.tracing.defaultBackend or in TrafficTrace" + }, + "sampling": { + "additionalProperties": true, + "type": "number", + "description": "Percentage of traces that will be sent to the backend (range 0.0 - 100.0). Empty value defaults to 100.0%" + }, + "type": { + "type": "string", + "description": "Type of the backend (Kuma ships with 'zipkin')" + }, + "conf": { + "additionalProperties": true, + "type": "object", + "description": "Configuration of the backend" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Tracing Backend", + "description": "TracingBackend defines tracing backend available to mesh. Backends can be used in TrafficTrace rules." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/TrafficLog.json b/app/docs/2.4.x/protos/TrafficLog.json new file mode 100644 index 000000000..62a817926 --- /dev/null +++ b/app/docs/2.4.x/protos/TrafficLog.json @@ -0,0 +1,60 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/TrafficLog", + "definitions": { + "TrafficLog": { + "properties": { + "sources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match dataplanes that are sources of traffic." + }, + "destinations": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match services that are destinations of traffic." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficLog.Conf", + "additionalProperties": true, + "description": "Configuration of the logging." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Traffic Log", + "description": "TrafficLog defines log for traffic between dataplanes." + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + }, + "kuma.mesh.v1alpha1.TrafficLog.Conf": { + "properties": { + "backend": { + "type": "string", + "description": "Backend defined in the Mesh entity." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf", + "description": "Configuration defines settings of the logging." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/TrafficPermission.json b/app/docs/2.4.x/protos/TrafficPermission.json new file mode 100644 index 000000000..5c9068126 --- /dev/null +++ b/app/docs/2.4.x/protos/TrafficPermission.json @@ -0,0 +1,43 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/TrafficPermission", + "definitions": { + "TrafficPermission": { + "properties": { + "sources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match dataplanes that are sources of traffic." + }, + "destinations": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match services that are destinations of traffic." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Traffic Permission", + "description": "TrafficPermission defines permission for traffic between dataplanes." + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/TrafficRoute.json b/app/docs/2.4.x/protos/TrafficRoute.json new file mode 100644 index 000000000..c10979152 --- /dev/null +++ b/app/docs/2.4.x/protos/TrafficRoute.json @@ -0,0 +1,390 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/TrafficRoute", + "definitions": { + "TrafficRoute": { + "properties": { + "sources": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match data plane proxies that are sources of traffic." + }, + "destinations": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match services that are destinations of traffic. Notice the difference between sources and destinations. While the source of traffic is always a data plane proxy within a mesh, the destination is a service that could be either within or outside of a mesh." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Conf", + "additionalProperties": true, + "description": "Configuration for the route." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Traffic Route", + "description": "TrafficRoute defines routing rules for the traffic in the mesh." + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + }, + "kuma.mesh.v1alpha1.TrafficRoute.Conf": { + "properties": { + "split": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Split" + }, + "type": "array", + "description": "List of destinations with weights assigned to them. When used, \"destination\" is not allowed." + }, + "load_balancer": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer", + "additionalProperties": true, + "description": "Load balancer configuration for given \"split\" or \"destination\"" + }, + "destination": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "One destination that the traffic will be redirected to. When used, \"split\" is not allowed." + }, + "http": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http" + }, + "type": "array", + "description": "Configuration of HTTP traffic. Traffic is matched one by one with the order defined in the list. If the request does not match any criteria then \"split\" or \"destination\" outside of \"http\" section is executed." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf", + "description": "Conf defines the destination configuration." + }, + "kuma.mesh.v1alpha1.TrafficRoute.Http": { + "properties": { + "match": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Match", + "additionalProperties": true, + "description": "If request matches against defined criteria then \"split\" or \"destination\" is executed." + }, + "modify": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Modify", + "additionalProperties": true, + "description": "Modifications to the traffic matched by the match section." + }, + "split": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Split" + }, + "type": "array", + "description": "List of destinations with weights assigned to them. When used, \"destination\" is not allowed." + }, + "destination": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "One destination that the traffic will be redirected to. When used, \"split\" is not allowed." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Http", + "description": "Http defines configuration for HTTP traffic." + }, + "kuma.mesh.v1alpha1.TrafficRoute.Http.Match": { + "properties": { + "method": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Match.StringMatcher", + "additionalProperties": true, + "description": "Method matches method of HTTP request." + }, + "path": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Match.StringMatcher", + "additionalProperties": true, + "description": "Path matches HTTP path." + }, + "headers": { + "additionalProperties": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Match.StringMatcher", + "additionalProperties": true + }, + "type": "object", + "description": "Headers match HTTP request headers." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Match", + "description": "Match defines a series of matching criteria to apply modification and reroute the traffic." + }, + "kuma.mesh.v1alpha1.TrafficRoute.Http.Match.StringMatcher": { + "properties": { + "prefix": { + "type": "string", + "description": "Prefix matches the string against defined prefix." + }, + "exact": { + "type": "string", + "description": "Exact checks that strings are equal to each other." + }, + "regex": { + "type": "string", + "description": "Regex checks the string using RE2 syntax. https://github.com/google/re2/wiki/Syntax" + } + }, + "additionalProperties": true, + "type": "object", + "title": "String Matcher", + "description": "StringMatcher matches the string value." + }, + "kuma.mesh.v1alpha1.TrafficRoute.Http.Modify": { + "properties": { + "path": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.Path", + "additionalProperties": true, + "description": "Path modifications." + }, + "host": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.Host", + "additionalProperties": true, + "description": "Host modifications." + }, + "requestHeaders": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.Headers", + "additionalProperties": true, + "description": "Request headers modifications." + }, + "responseHeaders": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.Headers", + "additionalProperties": true, + "description": "Response headers modifications." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Modify", + "description": "Modify defines modifications of matched HTTP messages." + }, + "kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.Headers": { + "properties": { + "add": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.Headers.Add" + }, + "type": "array", + "description": "List of add header operations." + }, + "remove": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.Headers.Remove" + }, + "type": "array", + "description": "List of remove header operations." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Headers", + "description": "Headers defines modification of HTTP headers." + }, + "kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.Headers.Add": { + "properties": { + "name": { + "type": "string", + "description": "Name of the header." + }, + "value": { + "type": "string", + "description": "Value of the header." + }, + "append": { + "type": "boolean", + "description": "If true, it appends the value if there is already a value. Otherwise, value of existing header will be replaced." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Add", + "description": "Add defines operation of adding new HTTP header." + }, + "kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.Headers.Remove": { + "properties": { + "name": { + "type": "string", + "description": "Name of the header to remove." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Remove", + "description": "Remove defines operation of removing an HTTP header." + }, + "kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.Host": { + "properties": { + "value": { + "type": "string", + "description": "Value replaces the host header with given value." + }, + "fromPath": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.RegexReplace", + "additionalProperties": true, + "description": "FromPath replaces the host header from path using regex." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Host", + "description": "Host defines modification of the HTTP Host header" + }, + "kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.Path": { + "properties": { + "rewritePrefix": { + "type": "string", + "description": "RewritePrefix rewrites previously matched prefix in match section." + }, + "regex": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.RegexReplace", + "additionalProperties": true, + "description": "Regex rewrites prefix using regex with substitution." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Path", + "description": "Path defines modification of path of the HTTP request." + }, + "kuma.mesh.v1alpha1.TrafficRoute.Http.Modify.RegexReplace": { + "properties": { + "pattern": { + "type": "string", + "description": "Pattern of the regex using RE2 syntax. https://github.com/google/re2/wiki/Syntax" + }, + "substitution": { + "type": "string", + "description": "Substitution using regex groups. E.g. use \\\\1 as a first matched group." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Regex Replace", + "description": "RegexReplace defines a way to match string using regex and build a new one using substitution section." + }, + "kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer": { + "properties": { + "round_robin": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer.RoundRobin", + "additionalProperties": true + }, + "least_request": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer.LeastRequest", + "additionalProperties": true + }, + "ring_hash": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer.RingHash", + "additionalProperties": true + }, + "random": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer.Random", + "additionalProperties": true + }, + "maglev": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer.Maglev", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Load Balancer", + "description": "LoadBalancer defines the load balancing policy and configuration." + }, + "kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer.LeastRequest": { + "properties": { + "choice_count": { + "type": "integer", + "description": "The number of random healthy hosts from which the host with the fewest active requests will be chosen. Defaults to 2 so that we perform two-choice selection if the field is not set." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Least Request", + "description": "LeastRequest uses different algorithms depending on whether hosts have the same or different weights." + }, + "kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer.Maglev": { + "additionalProperties": true, + "type": "object", + "title": "Maglev", + "description": "Maglev implements consistent hashing to upstream hosts." + }, + "kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer.Random": { + "additionalProperties": true, + "type": "object", + "title": "Random", + "description": "Random selects a random available host." + }, + "kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer.RingHash": { + "properties": { + "hash_function": { + "type": "string", + "description": "The hash function used to hash hosts onto the ketama ring. The value defaults to 'XX_HASH'." + }, + "min_ring_size": { + "type": "string", + "description": "Minimum hash ring size." + }, + "max_ring_size": { + "type": "string", + "description": "Maximum hash ring size." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Ring Hash", + "description": "RingHash implements consistent hashing to upstream hosts." + }, + "kuma.mesh.v1alpha1.TrafficRoute.LoadBalancer.RoundRobin": { + "additionalProperties": true, + "type": "object", + "title": "Round Robin", + "description": "RoundRobin is a simple policy in which each available upstream host is selected in round robin order." + }, + "kuma.mesh.v1alpha1.TrafficRoute.Split": { + "properties": { + "weight": { + "additionalProperties": true, + "type": "integer", + "description": "Weight assigned to that destination. Weights are not percentages. For example two destinations with weights the same weight \"1\" will receive both same amount of the traffic. 0 means that the destination will be ignored." + }, + "destination": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Selector to match individual endpoints that comprise that destination. Notice that an endpoint can be either inside or outside the mesh. In the former case an endpoint corresponds to a data plane proxy, in the latter case an endpoint is an External Service." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Split", + "description": "Split defines a destination with a weight assigned to it." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/TrafficTrace.json b/app/docs/2.4.x/protos/TrafficTrace.json new file mode 100644 index 000000000..d4f0859c5 --- /dev/null +++ b/app/docs/2.4.x/protos/TrafficTrace.json @@ -0,0 +1,53 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/TrafficTrace", + "definitions": { + "TrafficTrace": { + "properties": { + "selectors": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match dataplanes." + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.TrafficTrace.Conf", + "additionalProperties": true, + "description": "Configuration of the tracing." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Traffic Trace", + "description": "TrafficTrace defines trace configuration for selected dataplanes." + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + }, + "kuma.mesh.v1alpha1.TrafficTrace.Conf": { + "properties": { + "backend": { + "type": "string", + "description": "Backend defined in the Mesh entity." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf", + "description": "Configuration defines settings of the tracing." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/Version.json b/app/docs/2.4.x/protos/Version.json new file mode 100644 index 000000000..b7fbce902 --- /dev/null +++ b/app/docs/2.4.x/protos/Version.json @@ -0,0 +1,79 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Version", + "definitions": { + "Version": { + "properties": { + "kumaDp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.KumaDpVersion", + "additionalProperties": true, + "description": "Version of Kuma Dataplane" + }, + "envoy": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyVersion", + "additionalProperties": true, + "description": "Version of Envoy" + }, + "dependencies": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Versions of other dependencies, i.e. CoreDNS" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Version", + "description": "Version defines version of Kuma Dataplane and Envoy" + }, + "kuma.mesh.v1alpha1.EnvoyVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Envoy" + }, + "build": { + "type": "string", + "description": "Full build tag of Envoy version" + }, + "kumaDpCompatible": { + "type": "boolean", + "description": "True iff Envoy version is compatible with Kuma DP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Version", + "description": "EnvoyVersion describes details of Envoy version" + }, + "kuma.mesh.v1alpha1.KumaDpVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Kuma Dataplane" + }, + "gitTag": { + "type": "string", + "description": "Git tag of Kuma Dataplane version" + }, + "gitCommit": { + "type": "string", + "description": "Git commit of Kuma Dataplane version" + }, + "buildDate": { + "type": "string", + "description": "Build date of Kuma Dataplane version" + }, + "kumaCpCompatible": { + "type": "boolean", + "description": "True iff Kuma DP version is compatible with Kuma CP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Kuma Dp Version", + "description": "KumaDpVersion describes details of Kuma Dataplane version" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/VirtualOutbound.json b/app/docs/2.4.x/protos/VirtualOutbound.json new file mode 100644 index 000000000..6f79a1ed5 --- /dev/null +++ b/app/docs/2.4.x/protos/VirtualOutbound.json @@ -0,0 +1,78 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/VirtualOutbound", + "definitions": { + "VirtualOutbound": { + "properties": { + "selectors": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Selector" + }, + "type": "array", + "description": "List of selectors to match dataplanes that this policy applies to" + }, + "conf": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.VirtualOutbound.Conf", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Virtual Outbound", + "description": "VirtualOutbound defines how to generate hostname ports combination." + }, + "kuma.mesh.v1alpha1.Selector": { + "properties": { + "match": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Tags to match, can be used for both source and destinations" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Selector", + "description": "Selector defines structure for selecting tags for given dataplane" + }, + "kuma.mesh.v1alpha1.VirtualOutbound.Conf": { + "properties": { + "host": { + "type": "string", + "description": "Host the gotemplate to generate the hostname from the Parameters map" + }, + "port": { + "type": "string", + "description": "Port the gotemplate to generate the port from the Parameters map" + }, + "parameters": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.VirtualOutbound.Conf.TemplateParameter" + }, + "type": "array", + "description": "Parameters a mapping between tag keys and template parameter key. This must always contain at least `kuma.io/service`" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Conf" + }, + "kuma.mesh.v1alpha1.VirtualOutbound.Conf.TemplateParameter": { + "properties": { + "name": { + "type": "string", + "description": "Name the name of the template parameter (must be alphanumeric)." + }, + "tag_key": { + "type": "string", + "description": "TagKey the name of the tag in the Kuma outbound (optional if absent it will use Name)." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Template Parameter", + "description": "A mapping between a template parameter and a dataplane outbound tag name." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/XDSConfigRequest.json b/app/docs/2.4.x/protos/XDSConfigRequest.json new file mode 100644 index 000000000..1ea4641e7 --- /dev/null +++ b/app/docs/2.4.x/protos/XDSConfigRequest.json @@ -0,0 +1,30 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/XDSConfigRequest", + "definitions": { + "XDSConfigRequest": { + "properties": { + "request_id": { + "type": "string", + "description": "RequestID is a UUID of a request so we can correlate requests with response on one stream." + }, + "resource_type": { + "type": "string", + "description": "Type of resource (Dataplane, ZoneIngress, ZoneEgress)" + }, + "resource_name": { + "type": "string", + "description": "Name of the resource on which we execute config dump." + }, + "resource_mesh": { + "type": "string", + "description": "Mesh of the resource on which we execute config dump. Should be empty for ZoneIngress, ZoneEgress." + } + }, + "additionalProperties": true, + "type": "object", + "title": "XDS Config Request", + "description": "XDSConfigRequest is a request for XDS Config Dump that is executed on Zone CP." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/XDSConfigResponse.json b/app/docs/2.4.x/protos/XDSConfigResponse.json new file mode 100644 index 000000000..d6d64774a --- /dev/null +++ b/app/docs/2.4.x/protos/XDSConfigResponse.json @@ -0,0 +1,28 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/XDSConfigResponse", + "definitions": { + "XDSConfigResponse": { + "properties": { + "request_id": { + "type": "string", + "description": "RequestID is a UUID that was set by the Global CP." + }, + "error": { + "type": "string", + "description": "Error that was captured by the Zone CP when executing XDS Config Dump." + }, + "config": { + "type": "string", + "description": "The XDS Config that is a successful result of XDS Config dump execution.", + "format": "binary", + "binaryEncoding": "base64" + } + }, + "additionalProperties": true, + "type": "object", + "title": "XDS Config Response", + "description": "XDSConfigRequest is a response containing result of XDS Config Dump execution on Zone CP." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ZipkinTracingBackendConfig.json b/app/docs/2.4.x/protos/ZipkinTracingBackendConfig.json new file mode 100644 index 000000000..ab2dd42ae --- /dev/null +++ b/app/docs/2.4.x/protos/ZipkinTracingBackendConfig.json @@ -0,0 +1,30 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZipkinTracingBackendConfig", + "definitions": { + "ZipkinTracingBackendConfig": { + "properties": { + "url": { + "type": "string", + "description": "Address of Zipkin collector." + }, + "traceId128bit": { + "type": "boolean", + "description": "Generate 128bit traces. Default: false" + }, + "apiVersion": { + "type": "string", + "description": "Version of the API. values: httpJson, httpJsonV1, httpProto. Default: httpJson see https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/trace/v3/trace.proto#envoy-v3-api-enum-config-trace-v3-zipkinconfig-collectorendpointversion" + }, + "sharedSpanContext": { + "additionalProperties": true, + "type": "boolean", + "description": "Determines whether client and server spans will share the same span context. Default: true. https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/trace/v3/zipkin.proto#config-trace-v3-zipkinconfig" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Zipkin Tracing Backend Config" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ZoneEgress.json b/app/docs/2.4.x/protos/ZoneEgress.json new file mode 100644 index 000000000..b154ca74f --- /dev/null +++ b/app/docs/2.4.x/protos/ZoneEgress.json @@ -0,0 +1,54 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZoneEgress", + "definitions": { + "ZoneEgress": { + "properties": { + "zone": { + "type": "string", + "description": "Zone field contains Zone name where egress is serving, field will be automatically set by Global Kuma CP" + }, + "networking": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ZoneEgress.Networking", + "additionalProperties": true, + "description": "Networking defines the address and port of the Egress to listen on." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Zone Egress", + "description": "ZoneEgress allows us to configure dataplane in the Egress mode." + }, + "kuma.mesh.v1alpha1.EnvoyAdmin": { + "properties": { + "port": { + "type": "integer", + "description": "Port on which Envoy Admin API server will be listening" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Admin" + }, + "kuma.mesh.v1alpha1.ZoneEgress.Networking": { + "properties": { + "address": { + "type": "string", + "description": "Address on which inbound listener will be exposed" + }, + "port": { + "type": "integer", + "description": "Port of the inbound interface that will forward requests to the service." + }, + "admin": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyAdmin", + "additionalProperties": true, + "description": "Admin contains configuration related to Envoy Admin API" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Networking" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ZoneEgressInsight.json b/app/docs/2.4.x/protos/ZoneEgressInsight.json new file mode 100644 index 000000000..9a5e7643e --- /dev/null +++ b/app/docs/2.4.x/protos/ZoneEgressInsight.json @@ -0,0 +1,194 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZoneEgressInsight", + "definitions": { + "ZoneEgressInsight": { + "properties": { + "subscriptions": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscription" + }, + "type": "array", + "description": "List of ADS subscriptions created by a given Zone Kuma CP." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Zone Egress Insight", + "description": "ZoneEgressInsight defines the observed state of a Zone Egress." + }, + "kuma.mesh.v1alpha1.DiscoveryServiceStats": { + "properties": { + "responses_sent": { + "type": "string", + "description": "Number of xDS responses sent to the Dataplane." + }, + "responses_acknowledged": { + "type": "string", + "description": "Number of xDS responses ACKed by the Dataplane." + }, + "responses_rejected": { + "type": "string", + "description": "Number of xDS responses NACKed by the Dataplane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Service Stats", + "description": "DiscoveryServiceStats defines all stats over a single xDS service." + }, + "kuma.mesh.v1alpha1.DiscoverySubscription": { + "properties": { + "id": { + "minLength": 1, + "type": "string", + "description": "Unique id per ADS subscription." + }, + "control_plane_instance_id": { + "minLength": 1, + "type": "string", + "description": "Control Plane instance that handled given subscription." + }, + "connect_time": { + "type": "string", + "description": "Time when a given Dataplane connected to the Control Plane.", + "format": "date-time" + }, + "disconnect_time": { + "type": "string", + "description": "Time when a given Dataplane disconnected from the Control Plane.", + "format": "date-time" + }, + "status": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscriptionStatus", + "additionalProperties": true, + "description": "Status of the ADS subscription." + }, + "version": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Version", + "additionalProperties": true, + "description": "Version of Envoy and Kuma dataplane" + }, + "generation": { + "type": "integer", + "description": "Generation is an integer number which is periodically increased by the status sink" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription", + "description": "DiscoverySubscription describes a single ADS subscription created by a Dataplane to the Control Plane. Ideally, there should be only one such subscription per Dataplane lifecycle. Presence of multiple subscriptions might indicate one of the following events: - transient loss of network connection between Dataplane and Control Plane - Dataplane restart (i.e. hot restart or crash) - Control Plane restart (i.e. rolling update or crash) - etc" + }, + "kuma.mesh.v1alpha1.DiscoverySubscriptionStatus": { + "properties": { + "last_update_time": { + "type": "string", + "description": "Time when status of a given ADS subscription was most recently updated.", + "format": "date-time" + }, + "total": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "Total defines an aggregate over individual xDS stats." + }, + "cds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "CDS defines all CDS stats." + }, + "eds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "EDS defines all EDS stats." + }, + "lds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "LDS defines all LDS stats." + }, + "rds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "RDS defines all RDS stats." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription Status", + "description": "DiscoverySubscriptionStatus defines status of an ADS subscription." + }, + "kuma.mesh.v1alpha1.EnvoyVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Envoy" + }, + "build": { + "type": "string", + "description": "Full build tag of Envoy version" + }, + "kumaDpCompatible": { + "type": "boolean", + "description": "True iff Envoy version is compatible with Kuma DP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Version", + "description": "EnvoyVersion describes details of Envoy version" + }, + "kuma.mesh.v1alpha1.KumaDpVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Kuma Dataplane" + }, + "gitTag": { + "type": "string", + "description": "Git tag of Kuma Dataplane version" + }, + "gitCommit": { + "type": "string", + "description": "Git commit of Kuma Dataplane version" + }, + "buildDate": { + "type": "string", + "description": "Build date of Kuma Dataplane version" + }, + "kumaCpCompatible": { + "type": "boolean", + "description": "True iff Kuma DP version is compatible with Kuma CP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Kuma Dp Version", + "description": "KumaDpVersion describes details of Kuma Dataplane version" + }, + "kuma.mesh.v1alpha1.Version": { + "properties": { + "kumaDp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.KumaDpVersion", + "additionalProperties": true, + "description": "Version of Kuma Dataplane" + }, + "envoy": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyVersion", + "additionalProperties": true, + "description": "Version of Envoy" + }, + "dependencies": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Versions of other dependencies, i.e. CoreDNS" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Version", + "description": "Version defines version of Kuma Dataplane and Envoy" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ZoneEgressOverview.json b/app/docs/2.4.x/protos/ZoneEgressOverview.json new file mode 100644 index 000000000..7e2fe5983 --- /dev/null +++ b/app/docs/2.4.x/protos/ZoneEgressOverview.json @@ -0,0 +1,258 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZoneEgressOverview", + "definitions": { + "ZoneEgressOverview": { + "properties": { + "zoneEgress": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ZoneEgress", + "additionalProperties": true + }, + "zoneEgressInsight": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ZoneEgressInsight", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Zone Egress Overview", + "description": "ZoneEgressOverview defines the projected state of a ZoneEgress." + }, + "kuma.mesh.v1alpha1.DiscoveryServiceStats": { + "properties": { + "responses_sent": { + "type": "string", + "description": "Number of xDS responses sent to the Dataplane." + }, + "responses_acknowledged": { + "type": "string", + "description": "Number of xDS responses ACKed by the Dataplane." + }, + "responses_rejected": { + "type": "string", + "description": "Number of xDS responses NACKed by the Dataplane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Service Stats", + "description": "DiscoveryServiceStats defines all stats over a single xDS service." + }, + "kuma.mesh.v1alpha1.DiscoverySubscription": { + "properties": { + "id": { + "minLength": 1, + "type": "string", + "description": "Unique id per ADS subscription." + }, + "control_plane_instance_id": { + "minLength": 1, + "type": "string", + "description": "Control Plane instance that handled given subscription." + }, + "connect_time": { + "type": "string", + "description": "Time when a given Dataplane connected to the Control Plane.", + "format": "date-time" + }, + "disconnect_time": { + "type": "string", + "description": "Time when a given Dataplane disconnected from the Control Plane.", + "format": "date-time" + }, + "status": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscriptionStatus", + "additionalProperties": true, + "description": "Status of the ADS subscription." + }, + "version": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Version", + "additionalProperties": true, + "description": "Version of Envoy and Kuma dataplane" + }, + "generation": { + "type": "integer", + "description": "Generation is an integer number which is periodically increased by the status sink" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription", + "description": "DiscoverySubscription describes a single ADS subscription created by a Dataplane to the Control Plane. Ideally, there should be only one such subscription per Dataplane lifecycle. Presence of multiple subscriptions might indicate one of the following events: - transient loss of network connection between Dataplane and Control Plane - Dataplane restart (i.e. hot restart or crash) - Control Plane restart (i.e. rolling update or crash) - etc" + }, + "kuma.mesh.v1alpha1.DiscoverySubscriptionStatus": { + "properties": { + "last_update_time": { + "type": "string", + "description": "Time when status of a given ADS subscription was most recently updated.", + "format": "date-time" + }, + "total": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "Total defines an aggregate over individual xDS stats." + }, + "cds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "CDS defines all CDS stats." + }, + "eds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "EDS defines all EDS stats." + }, + "lds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "LDS defines all LDS stats." + }, + "rds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "RDS defines all RDS stats." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription Status", + "description": "DiscoverySubscriptionStatus defines status of an ADS subscription." + }, + "kuma.mesh.v1alpha1.EnvoyAdmin": { + "properties": { + "port": { + "type": "integer", + "description": "Port on which Envoy Admin API server will be listening" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Admin" + }, + "kuma.mesh.v1alpha1.EnvoyVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Envoy" + }, + "build": { + "type": "string", + "description": "Full build tag of Envoy version" + }, + "kumaDpCompatible": { + "type": "boolean", + "description": "True iff Envoy version is compatible with Kuma DP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Version", + "description": "EnvoyVersion describes details of Envoy version" + }, + "kuma.mesh.v1alpha1.KumaDpVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Kuma Dataplane" + }, + "gitTag": { + "type": "string", + "description": "Git tag of Kuma Dataplane version" + }, + "gitCommit": { + "type": "string", + "description": "Git commit of Kuma Dataplane version" + }, + "buildDate": { + "type": "string", + "description": "Build date of Kuma Dataplane version" + }, + "kumaCpCompatible": { + "type": "boolean", + "description": "True iff Kuma DP version is compatible with Kuma CP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Kuma Dp Version", + "description": "KumaDpVersion describes details of Kuma Dataplane version" + }, + "kuma.mesh.v1alpha1.Version": { + "properties": { + "kumaDp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.KumaDpVersion", + "additionalProperties": true, + "description": "Version of Kuma Dataplane" + }, + "envoy": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyVersion", + "additionalProperties": true, + "description": "Version of Envoy" + }, + "dependencies": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Versions of other dependencies, i.e. CoreDNS" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Version", + "description": "Version defines version of Kuma Dataplane and Envoy" + }, + "kuma.mesh.v1alpha1.ZoneEgress": { + "properties": { + "zone": { + "type": "string", + "description": "Zone field contains Zone name where egress is serving, field will be automatically set by Global Kuma CP" + }, + "networking": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ZoneEgress.Networking", + "additionalProperties": true, + "description": "Networking defines the address and port of the Egress to listen on." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Zone Egress", + "description": "ZoneEgress allows us to configure dataplane in the Egress mode." + }, + "kuma.mesh.v1alpha1.ZoneEgress.Networking": { + "properties": { + "address": { + "type": "string", + "description": "Address on which inbound listener will be exposed" + }, + "port": { + "type": "integer", + "description": "Port of the inbound interface that will forward requests to the service." + }, + "admin": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyAdmin", + "additionalProperties": true, + "description": "Admin contains configuration related to Envoy Admin API" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Networking" + }, + "kuma.mesh.v1alpha1.ZoneEgressInsight": { + "properties": { + "subscriptions": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscription" + }, + "type": "array", + "description": "List of ADS subscriptions created by a given Zone Kuma CP." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Zone Egress Insight", + "description": "ZoneEgressInsight defines the observed state of a Zone Egress." + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ZoneIngress.json b/app/docs/2.4.x/protos/ZoneIngress.json new file mode 100644 index 000000000..0d613e59b --- /dev/null +++ b/app/docs/2.4.x/protos/ZoneIngress.json @@ -0,0 +1,95 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZoneIngress", + "definitions": { + "ZoneIngress": { + "properties": { + "zone": { + "type": "string", + "description": "Zone field contains Zone name where ingress is serving, field will be automatically set by Global Kuma CP" + }, + "networking": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ZoneIngress.Networking", + "additionalProperties": true, + "description": "Networking defines the address and port of the Ingress to listen on. Additionally publicly advertised address and port could be specified." + }, + "availableServices": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ZoneIngress.AvailableService" + }, + "type": "array", + "description": "AvailableService contains tags that represent unique subset of endpoints" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Zone Ingress", + "description": "ZoneIngress allows us to configure dataplane in the Ingress mode. In this mode, dataplane has only inbound interfaces. Every inbound interface matches with services that reside in that cluster." + }, + "kuma.mesh.v1alpha1.EnvoyAdmin": { + "properties": { + "port": { + "type": "integer", + "description": "Port on which Envoy Admin API server will be listening" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Admin" + }, + "kuma.mesh.v1alpha1.ZoneIngress.AvailableService": { + "properties": { + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "tags of the service" + }, + "instances": { + "type": "integer", + "description": "number of instances available for given tags" + }, + "mesh": { + "type": "string", + "description": "mesh of the instances available for given tags" + }, + "externalService": { + "type": "boolean", + "description": "instance of external service available from the zone" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Available Service" + }, + "kuma.mesh.v1alpha1.ZoneIngress.Networking": { + "properties": { + "address": { + "type": "string", + "description": "Address on which inbound listener will be exposed" + }, + "advertisedAddress": { + "type": "string", + "description": "AdvertisedAddress defines IP or DNS name on which ZoneIngress is accessible to other Kuma clusters." + }, + "port": { + "type": "integer", + "description": "Port of the inbound interface that will forward requests to the service." + }, + "advertisedPort": { + "type": "integer", + "description": "AdvertisedPort defines port on which ZoneIngress is accessible to other Kuma clusters." + }, + "admin": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyAdmin", + "additionalProperties": true, + "description": "Admin contains configuration related to Envoy Admin API" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Networking" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ZoneIngressInsight.json b/app/docs/2.4.x/protos/ZoneIngressInsight.json new file mode 100644 index 000000000..4c6d25999 --- /dev/null +++ b/app/docs/2.4.x/protos/ZoneIngressInsight.json @@ -0,0 +1,194 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZoneIngressInsight", + "definitions": { + "ZoneIngressInsight": { + "properties": { + "subscriptions": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscription" + }, + "type": "array", + "description": "List of ADS subscriptions created by a given Zone Kuma CP." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Zone Ingress Insight", + "description": "ZoneIngressInsight defines the observed state of a Zone Ingress." + }, + "kuma.mesh.v1alpha1.DiscoveryServiceStats": { + "properties": { + "responses_sent": { + "type": "string", + "description": "Number of xDS responses sent to the Dataplane." + }, + "responses_acknowledged": { + "type": "string", + "description": "Number of xDS responses ACKed by the Dataplane." + }, + "responses_rejected": { + "type": "string", + "description": "Number of xDS responses NACKed by the Dataplane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Service Stats", + "description": "DiscoveryServiceStats defines all stats over a single xDS service." + }, + "kuma.mesh.v1alpha1.DiscoverySubscription": { + "properties": { + "id": { + "minLength": 1, + "type": "string", + "description": "Unique id per ADS subscription." + }, + "control_plane_instance_id": { + "minLength": 1, + "type": "string", + "description": "Control Plane instance that handled given subscription." + }, + "connect_time": { + "type": "string", + "description": "Time when a given Dataplane connected to the Control Plane.", + "format": "date-time" + }, + "disconnect_time": { + "type": "string", + "description": "Time when a given Dataplane disconnected from the Control Plane.", + "format": "date-time" + }, + "status": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscriptionStatus", + "additionalProperties": true, + "description": "Status of the ADS subscription." + }, + "version": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Version", + "additionalProperties": true, + "description": "Version of Envoy and Kuma dataplane" + }, + "generation": { + "type": "integer", + "description": "Generation is an integer number which is periodically increased by the status sink" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription", + "description": "DiscoverySubscription describes a single ADS subscription created by a Dataplane to the Control Plane. Ideally, there should be only one such subscription per Dataplane lifecycle. Presence of multiple subscriptions might indicate one of the following events: - transient loss of network connection between Dataplane and Control Plane - Dataplane restart (i.e. hot restart or crash) - Control Plane restart (i.e. rolling update or crash) - etc" + }, + "kuma.mesh.v1alpha1.DiscoverySubscriptionStatus": { + "properties": { + "last_update_time": { + "type": "string", + "description": "Time when status of a given ADS subscription was most recently updated.", + "format": "date-time" + }, + "total": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "Total defines an aggregate over individual xDS stats." + }, + "cds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "CDS defines all CDS stats." + }, + "eds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "EDS defines all EDS stats." + }, + "lds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "LDS defines all LDS stats." + }, + "rds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "RDS defines all RDS stats." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription Status", + "description": "DiscoverySubscriptionStatus defines status of an ADS subscription." + }, + "kuma.mesh.v1alpha1.EnvoyVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Envoy" + }, + "build": { + "type": "string", + "description": "Full build tag of Envoy version" + }, + "kumaDpCompatible": { + "type": "boolean", + "description": "True iff Envoy version is compatible with Kuma DP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Version", + "description": "EnvoyVersion describes details of Envoy version" + }, + "kuma.mesh.v1alpha1.KumaDpVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Kuma Dataplane" + }, + "gitTag": { + "type": "string", + "description": "Git tag of Kuma Dataplane version" + }, + "gitCommit": { + "type": "string", + "description": "Git commit of Kuma Dataplane version" + }, + "buildDate": { + "type": "string", + "description": "Build date of Kuma Dataplane version" + }, + "kumaCpCompatible": { + "type": "boolean", + "description": "True iff Kuma DP version is compatible with Kuma CP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Kuma Dp Version", + "description": "KumaDpVersion describes details of Kuma Dataplane version" + }, + "kuma.mesh.v1alpha1.Version": { + "properties": { + "kumaDp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.KumaDpVersion", + "additionalProperties": true, + "description": "Version of Kuma Dataplane" + }, + "envoy": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyVersion", + "additionalProperties": true, + "description": "Version of Envoy" + }, + "dependencies": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Versions of other dependencies, i.e. CoreDNS" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Version", + "description": "Version defines version of Kuma Dataplane and Envoy" + } + } +} \ No newline at end of file diff --git a/app/docs/2.4.x/protos/ZoneIngressOverview.json b/app/docs/2.4.x/protos/ZoneIngressOverview.json new file mode 100644 index 000000000..5cf6ef549 --- /dev/null +++ b/app/docs/2.4.x/protos/ZoneIngressOverview.json @@ -0,0 +1,299 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZoneIngressOverview", + "definitions": { + "ZoneIngressOverview": { + "properties": { + "zone_ingress": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ZoneIngress", + "additionalProperties": true + }, + "zone_ingress_insight": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ZoneIngressInsight", + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object", + "title": "Zone Ingress Overview", + "description": "ZoneIngressOverview defines the projected state of a ZoneIngress." + }, + "kuma.mesh.v1alpha1.DiscoveryServiceStats": { + "properties": { + "responses_sent": { + "type": "string", + "description": "Number of xDS responses sent to the Dataplane." + }, + "responses_acknowledged": { + "type": "string", + "description": "Number of xDS responses ACKed by the Dataplane." + }, + "responses_rejected": { + "type": "string", + "description": "Number of xDS responses NACKed by the Dataplane." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Service Stats", + "description": "DiscoveryServiceStats defines all stats over a single xDS service." + }, + "kuma.mesh.v1alpha1.DiscoverySubscription": { + "properties": { + "id": { + "minLength": 1, + "type": "string", + "description": "Unique id per ADS subscription." + }, + "control_plane_instance_id": { + "minLength": 1, + "type": "string", + "description": "Control Plane instance that handled given subscription." + }, + "connect_time": { + "type": "string", + "description": "Time when a given Dataplane connected to the Control Plane.", + "format": "date-time" + }, + "disconnect_time": { + "type": "string", + "description": "Time when a given Dataplane disconnected from the Control Plane.", + "format": "date-time" + }, + "status": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscriptionStatus", + "additionalProperties": true, + "description": "Status of the ADS subscription." + }, + "version": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.Version", + "additionalProperties": true, + "description": "Version of Envoy and Kuma dataplane" + }, + "generation": { + "type": "integer", + "description": "Generation is an integer number which is periodically increased by the status sink" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription", + "description": "DiscoverySubscription describes a single ADS subscription created by a Dataplane to the Control Plane. Ideally, there should be only one such subscription per Dataplane lifecycle. Presence of multiple subscriptions might indicate one of the following events: - transient loss of network connection between Dataplane and Control Plane - Dataplane restart (i.e. hot restart or crash) - Control Plane restart (i.e. rolling update or crash) - etc" + }, + "kuma.mesh.v1alpha1.DiscoverySubscriptionStatus": { + "properties": { + "last_update_time": { + "type": "string", + "description": "Time when status of a given ADS subscription was most recently updated.", + "format": "date-time" + }, + "total": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "Total defines an aggregate over individual xDS stats." + }, + "cds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "CDS defines all CDS stats." + }, + "eds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "EDS defines all EDS stats." + }, + "lds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "LDS defines all LDS stats." + }, + "rds": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoveryServiceStats", + "additionalProperties": true, + "description": "RDS defines all RDS stats." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Discovery Subscription Status", + "description": "DiscoverySubscriptionStatus defines status of an ADS subscription." + }, + "kuma.mesh.v1alpha1.EnvoyAdmin": { + "properties": { + "port": { + "type": "integer", + "description": "Port on which Envoy Admin API server will be listening" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Admin" + }, + "kuma.mesh.v1alpha1.EnvoyVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Envoy" + }, + "build": { + "type": "string", + "description": "Full build tag of Envoy version" + }, + "kumaDpCompatible": { + "type": "boolean", + "description": "True iff Envoy version is compatible with Kuma DP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Envoy Version", + "description": "EnvoyVersion describes details of Envoy version" + }, + "kuma.mesh.v1alpha1.KumaDpVersion": { + "properties": { + "version": { + "type": "string", + "description": "Version number of Kuma Dataplane" + }, + "gitTag": { + "type": "string", + "description": "Git tag of Kuma Dataplane version" + }, + "gitCommit": { + "type": "string", + "description": "Git commit of Kuma Dataplane version" + }, + "buildDate": { + "type": "string", + "description": "Build date of Kuma Dataplane version" + }, + "kumaCpCompatible": { + "type": "boolean", + "description": "True iff Kuma DP version is compatible with Kuma CP version" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Kuma Dp Version", + "description": "KumaDpVersion describes details of Kuma Dataplane version" + }, + "kuma.mesh.v1alpha1.Version": { + "properties": { + "kumaDp": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.KumaDpVersion", + "additionalProperties": true, + "description": "Version of Kuma Dataplane" + }, + "envoy": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyVersion", + "additionalProperties": true, + "description": "Version of Envoy" + }, + "dependencies": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "Versions of other dependencies, i.e. CoreDNS" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Version", + "description": "Version defines version of Kuma Dataplane and Envoy" + }, + "kuma.mesh.v1alpha1.ZoneIngress": { + "properties": { + "zone": { + "type": "string", + "description": "Zone field contains Zone name where ingress is serving, field will be automatically set by Global Kuma CP" + }, + "networking": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ZoneIngress.Networking", + "additionalProperties": true, + "description": "Networking defines the address and port of the Ingress to listen on. Additionally publicly advertised address and port could be specified." + }, + "availableServices": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.ZoneIngress.AvailableService" + }, + "type": "array", + "description": "AvailableService contains tags that represent unique subset of endpoints" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Zone Ingress", + "description": "ZoneIngress allows us to configure dataplane in the Ingress mode. In this mode, dataplane has only inbound interfaces. Every inbound interface matches with services that reside in that cluster." + }, + "kuma.mesh.v1alpha1.ZoneIngress.AvailableService": { + "properties": { + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "description": "tags of the service" + }, + "instances": { + "type": "integer", + "description": "number of instances available for given tags" + }, + "mesh": { + "type": "string", + "description": "mesh of the instances available for given tags" + }, + "externalService": { + "type": "boolean", + "description": "instance of external service available from the zone" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Available Service" + }, + "kuma.mesh.v1alpha1.ZoneIngress.Networking": { + "properties": { + "address": { + "type": "string", + "description": "Address on which inbound listener will be exposed" + }, + "advertisedAddress": { + "type": "string", + "description": "AdvertisedAddress defines IP or DNS name on which ZoneIngress is accessible to other Kuma clusters." + }, + "port": { + "type": "integer", + "description": "Port of the inbound interface that will forward requests to the service." + }, + "advertisedPort": { + "type": "integer", + "description": "AdvertisedPort defines port on which ZoneIngress is accessible to other Kuma clusters." + }, + "admin": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.EnvoyAdmin", + "additionalProperties": true, + "description": "Admin contains configuration related to Envoy Admin API" + } + }, + "additionalProperties": true, + "type": "object", + "title": "Networking" + }, + "kuma.mesh.v1alpha1.ZoneIngressInsight": { + "properties": { + "subscriptions": { + "items": { + "$ref": "#/definitions/kuma.mesh.v1alpha1.DiscoverySubscription" + }, + "type": "array", + "description": "List of ADS subscriptions created by a given Zone Kuma CP." + } + }, + "additionalProperties": true, + "type": "object", + "title": "Zone Ingress Insight", + "description": "ZoneIngressInsight defines the observed state of a Zone Ingress." + } + } +} \ No newline at end of file