istio
/
api
mirror of https://github.com/istio/api.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Define interception_mode field in ProxyConfig (#444) 

Signed-off-by: Romain Lenglet <romain@covalent.io>
This commit is contained in:
Romain Lenglet 2018-04-10 06:31:14 -07:00 committed by Shriram Rajagopalan
parent 80900db86e
commit bf7eff00d3
4 changed files with 238 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

204
mesh/v1alpha1/config.pb.go
View File

@ -61,6 +61,38 @@ func (x AuthenticationPolicy) String() string {
}
func (AuthenticationPolicy) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
// The mode used to redirect inbound traffic to Envoy.
// This setting has no effect on outbound traffic: iptables REDIRECT is always used for
// outbound connections.
type ProxyConfig_InboundInterceptionMode int32
const (
// The REDIRECT mode uses iptables REDIRECT to NAT and redirect to Envoy. This mode loses
// source IP addresses during redirection.
ProxyConfig_REDIRECT ProxyConfig_InboundInterceptionMode = 0
// The TPROXY mode uses iptables TPROXY to redirect to Envoy. This mode preserves both the
// source and destination IP addresses and ports, so that they can be used for advanced
// filtering and manipulation. This mode also configures the sidecar to run with the
// CAP_NET_ADMIN capability, which is required to use TPROXY.
ProxyConfig_TPROXY ProxyConfig_InboundInterceptionMode = 1
)
var ProxyConfig_InboundInterceptionMode_name = map[int32]string{
0: "REDIRECT",
1: "TPROXY",
}
var ProxyConfig_InboundInterceptionMode_value = map[string]int32{
"REDIRECT": 0,
"TPROXY": 1,
}
func (x ProxyConfig_InboundInterceptionMode) String() string {
return proto.EnumName(ProxyConfig_InboundInterceptionMode_name, int32(x))
}
func (ProxyConfig_InboundInterceptionMode) EnumDescriptor() ([]byte, []int) {
return fileDescriptor0, []int{0, 0}
}
type MeshConfig_IngressControllerMode int32
const (
@ -248,6 +280,8 @@ type ProxyConfig struct {
Concurrency int32 `protobuf:"varint,16,opt,name=concurrency" json:"concurrency,omitempty"`
// Path to the proxy bootstrap template file
ProxyBootstrapTemplatePath string `protobuf:"bytes,17,opt,name=proxy_bootstrap_template_path,json=proxyBootstrapTemplatePath" json:"proxy_bootstrap_template_path,omitempty"`
// The mode used to redirect inbound traffic to Envoy.
InterceptionMode ProxyConfig_InboundInterceptionMode `protobuf:"varint,18,opt,name=interception_mode,json=interceptionMode,enum=istio.mesh.v1alpha1.ProxyConfig_InboundInterceptionMode" json:"interception_mode,omitempty"`
}
func (m *ProxyConfig) Reset() { *m = ProxyConfig{} }
@ -374,6 +408,13 @@ func (m *ProxyConfig) GetProxyBootstrapTemplatePath() string {
return ""
}
func (m *ProxyConfig) GetInterceptionMode() ProxyConfig_InboundInterceptionMode {
if m != nil {
return m.InterceptionMode
}
return ProxyConfig_REDIRECT
}
// MeshConfig defines mesh-wide variables shared by all Envoy instances in the
// Istio service mesh.
type MeshConfig struct {
@ -669,6 +710,7 @@ func init() {
proto.RegisterType((*MeshConfig_RbacConfig)(nil), "istio.mesh.v1alpha1.MeshConfig.RbacConfig")
proto.RegisterType((*MeshConfig_RbacConfig_Target)(nil), "istio.mesh.v1alpha1.MeshConfig.RbacConfig.Target")
proto.RegisterEnum("istio.mesh.v1alpha1.AuthenticationPolicy", AuthenticationPolicy_name, AuthenticationPolicy_value)
proto.RegisterEnum("istio.mesh.v1alpha1.ProxyConfig_InboundInterceptionMode", ProxyConfig_InboundInterceptionMode_name, ProxyConfig_InboundInterceptionMode_value)
proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_IngressControllerMode", MeshConfig_IngressControllerMode_name, MeshConfig_IngressControllerMode_value)
proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_AuthPolicy", MeshConfig_AuthPolicy_name, MeshConfig_AuthPolicy_value)
proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_OutboundTrafficPolicy_Mode", MeshConfig_OutboundTrafficPolicy_Mode_name, MeshConfig_OutboundTrafficPolicy_Mode_value)
@ -678,83 +720,87 @@ func init() {
func init() { proto.RegisterFile("mesh/v1alpha1/config.proto", fileDescriptor0) }
var fileDescriptor0 = []byte{
// 1248 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x72, 0x1a, 0x47,
0x13, 0xf5, 0x22, 0x59, 0x3f, 0x8d, 0x41, 0xcb, 0xd8, 0xb2, 0xd7, 0xd4, 0xf7, 0x39, 0x2a, 0xa5,
0xe2, 0x28, 0x8e, 0x0b, 0xca, 0x4a, 0x72, 0x91, 0x5c, 0xa4, 0x82, 0x10, 0xb2, 0xa9, 0x60, 0x50,
0x96, 0x95, 0x1d, 0xfb, 0x66, 0x6a, 0xd8, 0x1d, 0x60, 0xca, 0xcb, 0xce, 0xd6, 0xec, 0xac, 0x62,
0x7c, 0x95, 0x67, 0xc9, 0x6d, 0xde, 0x25, 0xcf, 0x91, 0xc7, 0x48, 0xcd, 0xcf, 0x02, 0x76, 0x91,
0x22, 0xf6, 0x9d, 0x74, 0xfa, 0x74, 0xf7, 0x74, 0xcf, 0x39, 0xb3, 0x40, 0x7d, 0x46, 0xb3, 0x69,
0xf3, 0xfa, 0x09, 0x89, 0xd3, 0x29, 0x79, 0xd2, 0x0c, 0x79, 0x32, 0x66, 0x93, 0x46, 0x2a, 0xb8,
0xe4, 0xe8, 0x36, 0xcb, 0x24, 0xe3, 0x0d, 0xc5, 0x68, 0x14, 0x8c, 0xfa, 0x83, 0x09, 0xe7, 0x93,
0x98, 0x36, 0x35, 0x65, 0x94, 0x8f, 0x9b, 0x51, 0x2e, 0x88, 0x64, 0x3c, 0x31, 0x49, 0xc7, 0x7f,
0xec, 0x42, 0xf9, 0x52, 0xf0, 0xb7, 0xf3, 0xb6, 0x2e, 0x85, 0x3e, 0x83, 0xb2, 0x29, 0x8a, 0x53,
0x22, 0xa7, 0x9e, 0x73, 0xe4, 0x9c, 0xec, 0xfb, 0x60, 0xa0, 0x4b, 0x22, 0xa7, 0x8a, 0x30, 0x62,
0x09, 0x11, 0x73, 0x43, 0x28, 0x19, 0x82, 0x81, 0x34, 0xe1, 0x4b, 0x38, 0xc8, 0xa8, 0xb8, 0x66,
0x21, 0xc5, 0x61, 0x9c, 0x67, 0x92, 0x0a, 0x6f, 0x4b, 0x93, 0xaa, 0x16, 0x6e, 0x1b, 0x14, 0xfd,
0x04, 0xd5, 0x48, 0x10, 0x96, 0xe0, 0xe2, 0x48, 0xde, 0xf6, 0x91, 0x73, 0x52, 0x3e, 0xbd, 0xdf,
0x30, 0x67, 0x6e, 0x14, 0x67, 0x6e, 0x9c, 0x5b, 0x82, 0x5f, 0xd1, 0x09, 0xc5, 0xbf, 0x68, 0x08,
0x5e, 0x4a, 0x04, 0x4d, 0x24, 0xce, 0xa6, 0xb9, 0x8c, 0xf8, 0x6f, 0x2b, 0xb5, 0x6e, 0x6e, 0xaa,
0x75, 0xd7, 0xa4, 0x0e, 0x6d, 0xe6, 0xa2, 0xe8, 0xd7, 0x50, 0x8b, 0x58, 0x16, 0xf2, 0x6b, 0x2a,
0xe6, 0x98, 0x44, 0x91, 0xa0, 0x59, 0xe6, 0xed, 0xe8, 0x09, 0xdc, 0x45, 0xa0, 0x65, 0x70, 0xf4,
0x0b, 0xdc, 0x5b, 0x92, 0x05, 0x1d, 0x0b, 0x9a, 0x4d, 0x71, 0x44, 0x63, 0x32, 0xf7, 0x76, 0x37,
0x1d, 0xe0, 0x70, 0x91, 0xe9, 0x9b, 0xc4, 0x73, 0x95, 0x87, 0xbe, 0x80, 0xea, 0x3b, 0x96, 0xbe,
0x61, 0xc9, 0xa2, 0xf9, 0x9e, 0x6e, 0x5e, 0x31, 0x68, 0xd1, 0xf9, 0x0c, 0x0e, 0x42, 0x9e, 0x24,
0x34, 0x94, 0x58, 0xb2, 0x19, 0xe5, 0xb9, 0xf4, 0xf6, 0x37, 0x75, 0xac, 0xda, 0x8c, 0xc0, 0x24,
0xa0, 0xc7, 0x80, 0x32, 0x49, 0x64, 0x16, 0xe1, 0x3c, 0x4a, 0x17, 0xed, 0xc0, 0xcc, 0x6a, 0x22,
0x57, 0x51, 0x5a, 0x74, 0x3c, 0x01, 0x37, 0x55, 0x4a, 0xc1, 0x24, 0x9a, 0xb1, 0x04, 0xa7, 0x5c,
0x48, 0xaf, 0x7c, 0xe4, 0x9c, 0xdc, 0xf4, 0xab, 0x1a, 0x6f, 0x29, 0xf8, 0x92, 0x0b, 0xa9, 0x56,
0x48, 0xae, 0x09, 0x8b, 0xc9, 0x88, 0xc5, 0x4c, 0xce, 0xf1, 0x3b, 0x9e, 0x50, 0xef, 0x96, 0x29,
0xbb, 0x1a, 0x78, 0xcd, 0x13, 0x8a, 0x22, 0xb8, 0x1f, 0xf2, 0x44, 0x0a, 0x1e, 0xe3, 0x34, 0x26,
0x09, 0xc5, 0x24, 0x97, 0x53, 0x9c, 0xf2, 0x98, 0x85, 0x73, 0xaf, 0x72, 0xe4, 0x9c, 0x54, 0x4f,
0xbf, 0x6a, 0xac, 0x91, 0x76, 0xa3, 0x95, 0xcb, 0x29, 0x4d, 0x24, 0x0b, 0xf5, 0x70, 0x97, 0x3a,
0xc1, 0xbf, 0x6b, 0x6b, 0x5d, 0xaa, 0x52, 0x8a, 0x61, 0x70, 0x35, 0x6a, 0x98, 0x67, 0x92, 0xcf,
0xb0, 0x95, 0xf7, 0x98, 0xc5, 0xd4, 0xab, 0x9a, 0x33, 0x99, 0x88, 0x71, 0xc0, 0x05, 0x8b, 0xa9,
0x1a, 0x55, 0x8d, 0x8f, 0x13, 0x32, 0xa3, 0x38, 0xa6, 0xc9, 0x44, 0x4e, 0xbd, 0x03, 0x33, 0xaa,
0xc2, 0xfb, 0x64, 0x46, 0x7b, 0x1a, 0x45, 0x47, 0xda, 0x2f, 0x61, 0x2e, 0x04, 0x4d, 0xc2, 0xb9,
0xe7, 0x6a, 0xd2, 0x2a, 0x84, 0x5a, 0xf0, 0x7f, 0xb3, 0xb6, 0x11, 0xe7, 0x32, 0x93, 0x82, 0xa4,
0x58, 0xd2, 0x59, 0x1a, 0x13, 0x49, 0x8d, 0x85, 0x6a, 0xfa, 0x10, 0x75, 0x4d, 0x3a, 0x2b, 0x38,
0x81, 0xa5, 0x28, 0x4b, 0x1d, 0xff, 0x55, 0x01, 0x78, 0x4e, 0xb3, 0xa9, 0xf5, 0xe8, 0x63, 0x40,
0x33, 0xf6, 0x96, 0x0a, 0x1c, 0x4e, 0x69, 0xf8, 0x06, 0x2b, 0x5b, 0x51, 0x61, 0xad, 0xea, 0xea,
0x48, 0x5b, 0x05, 0x86, 0x1a, 0x47, 0x0d, 0xb8, 0x6d, 0xd8, 0x82, 0xaa, 0x2b, 0x2b, 0xe8, 0xc6,
0xb8, 0x35, 0x1d, 0xf2, 0x75, 0xc4, 0xf2, 0x4f, 0x41, 0x09, 0x93, 0x8c, 0x62, 0x6a, 0x2f, 0xc1,
0xb4, 0xc9, 0xb4, 0x8b, 0xf7, 0xfc, 0xdb, 0x36, 0x68, 0xf6, 0xaa, 0x1b, 0x65, 0xe8, 0x11, 0xd4,
0xcc, 0x8c, 0x31, 0xcb, 0x24, 0xb5, 0xda, 0xd8, 0xd6, 0xbb, 0x38, 0xd0, 0x81, 0x9e, 0xc6, 0xb5,
0x38, 0x1e, 0x82, 0x81, 0xf0, 0x54, 0xca, 0xd4, 0x30, 0x6f, 0x6a, 0x66, 0x45, 0xc3, 0xcf, 0xa4,
0x4c, 0x35, 0x6f, 0x8d, 0xc0, 0x77, 0x3e, 0x56, 0xe0, 0x9f, 0x43, 0x85, 0x25, 0x13, 0xa5, 0x5e,
0x1c, 0xc6, 0x24, 0xcb, 0xb4, 0x29, 0xf7, 0xfd, 0x5b, 0x16, 0x6c, 0x2b, 0x4c, 0x3d, 0x58, 0x05,
0xc9, 0xbe, 0x50, 0xd6, 0x71, 0x55, 0x0b, 0x0f, 0x0d, 0x8a, 0x66, 0x70, 0x6f, 0x51, 0xcd, 0xa8,
0x2c, 0xa6, 0x02, 0xcf, 0x78, 0x44, 0xb5, 0xf5, 0xaa, 0xa7, 0xdf, 0xad, 0xd5, 0xe9, 0xf2, 0xe6,
0x1a, 0x5d, 0xdb, 0x77, 0x91, 0xfd, 0x9c, 0x47, 0xd4, 0x3f, 0x64, 0xeb, 0x60, 0x34, 0x80, 0xf2,
0xaa, 0x15, 0x40, 0xb7, 0x78, 0xb4, 0xa9, 0xc5, 0x52, 0xf3, 0x67, 0x25, 0xcf, 0xf1, 0x81, 0x2c,
0x3d, 0xd0, 0x81, 0x9a, 0x88, 0xb2, 0x0f, 0x9e, 0xa9, 0xf2, 0xa6, 0x9d, 0x1e, 0x88, 0x28, 0xfb,
0xf0, 0x81, 0xa2, 0x89, 0xd6, 0x87, 0x14, 0x24, 0x64, 0xc9, 0x44, 0x5b, 0x7b, 0xcf, 0xaf, 0x18,
0x34, 0x30, 0xa0, 0xba, 0x67, 0x12, 0x86, 0x6a, 0x59, 0x31, 0xb7, 0x76, 0xab, 0x98, 0x87, 0xcc,
0xc0, 0x3d, 0x6e, 0xbc, 0xf6, 0x14, 0xaa, 0x11, 0x1d, 0x93, 0x3c, 0x96, 0xd6, 0x9a, 0xda, 0x95,
0xe5, 0xd3, 0xa3, 0xb5, 0x93, 0xae, 0x7c, 0xab, 0xfc, 0x8a, 0xcd, 0xb3, 0xb6, 0xf8, 0x16, 0xee,
0xce, 0x64, 0x9c, 0x61, 0xfa, 0x36, 0x8c, 0xf3, 0x88, 0x46, 0xc5, 0x6d, 0x66, 0xde, 0xc1, 0xd1,
0xd6, 0xc9, 0xbe, 0x7f, 0x47, 0x45, 0x3b, 0x36, 0x68, 0xef, 0x34, 0x53, 0x12, 0x31, 0xf6, 0x28,
0x9e, 0x3f, 0xd7, 0x48, 0x44, 0x83, 0xc5, 0xd3, 0x37, 0x83, 0x7b, 0x3c, 0x97, 0x23, 0x9e, 0x27,
0x91, 0x1a, 0x7a, 0x3c, 0x66, 0x61, 0x71, 0x2d, 0x35, 0x7d, 0xd8, 0x8d, 0x37, 0x3f, 0xb0, 0xe9,
0x81, 0xc9, 0xb6, 0xaf, 0xd5, 0x21, 0x5f, 0x07, 0xa3, 0x9f, 0xa1, 0x2c, 0x46, 0x24, 0x2c, 0xf6,
0x81, 0x74, 0x8b, 0x8d, 0x37, 0xef, 0x8f, 0x48, 0x68, 0x37, 0x03, 0x62, 0xf1, 0x77, 0xfd, 0x4f,
0x07, 0x0e, 0xd7, 0x76, 0x47, 0x7d, 0xd8, 0xd6, 0xe2, 0x75, 0xb4, 0xb2, 0x7e, 0xf8, 0xa4, 0x11,
0x1a, 0x5a, 0xc1, 0xba, 0xce, 0xf1, 0x19, 0x6c, 0x6b, 0xe1, 0xd6, 0xa0, 0xe2, 0x77, 0x9e, 0x76,
0x87, 0x81, 0xff, 0x0a, 0x0f, 0xfa, 0xbd, 0x57, 0xee, 0x0d, 0x54, 0x81, 0xfd, 0x56, 0xaf, 0x37,
0x78, 0x89, 0x5b, 0xfd, 0x57, 0xae, 0x83, 0x3c, 0xb8, 0xf3, 0xa2, 0xeb, 0x07, 0x57, 0xad, 0x1e,
0x1e, 0x76, 0xfc, 0x17, 0xdd, 0x76, 0xc7, 0x10, 0x4b, 0xf5, 0xdf, 0xb7, 0x00, 0x96, 0x83, 0xa0,
0xf6, 0x7b, 0x47, 0x6c, 0xfe, 0xf7, 0x15, 0xac, 0x9c, 0x0b, 0x0d, 0x60, 0x9f, 0x25, 0xea, 0xb7,
0x88, 0xfa, 0x5d, 0x50, 0xd2, 0xcb, 0x7c, 0xf2, 0x11, 0x95, 0x02, 0x22, 0x26, 0x54, 0xfa, 0xcb,
0x1a, 0xaa, 0xa0, 0x16, 0x99, 0x2e, 0xb8, 0xf5, 0xc9, 0x05, 0x17, 0x35, 0xea, 0xe7, 0xb0, 0x63,
0x40, 0x54, 0x87, 0xbd, 0x85, 0x6c, 0x1d, 0x2d, 0xdb, 0xc5, 0xff, 0xe8, 0x01, 0x80, 0xfa, 0x20,
0x65, 0x29, 0x51, 0xd1, 0x92, 0x8e, 0xae, 0x20, 0xc7, 0x1d, 0xbb, 0xff, 0x5d, 0xd8, 0x1a, 0x5c,
0x5c, 0xb8, 0x37, 0xd0, 0x0e, 0x94, 0x06, 0x7d, 0xd7, 0x41, 0x87, 0x50, 0x1b, 0xf4, 0xf1, 0xcb,
0x6e, 0xf0, 0x0c, 0x77, 0xfb, 0xed, 0xde, 0xd5, 0xb0, 0x3b, 0xe8, 0xbb, 0xa5, 0x55, 0xb8, 0xf3,
0x6b, 0x01, 0x6f, 0x1d, 0x7f, 0x0f, 0x87, 0x6b, 0xdf, 0xa9, 0x65, 0xdd, 0x32, 0xec, 0x9e, 0x77,
0x2e, 0x5a, 0x57, 0xbd, 0xc0, 0x75, 0x10, 0xc0, 0xce, 0x30, 0xf0, 0xbb, 0xed, 0xc0, 0x2d, 0x1d,
0x3f, 0x04, 0x58, 0xf9, 0xe6, 0xee, 0xc1, 0x76, 0x7f, 0xd0, 0xef, 0xb8, 0x37, 0x50, 0x15, 0xe0,
0xf9, 0x95, 0xbe, 0xee, 0xa0, 0x37, 0x74, 0x9d, 0x47, 0x3f, 0xc2, 0x9d, 0x75, 0x5f, 0xef, 0x7f,
0xcf, 0x40, 0xb7, 0x60, 0xb7, 0xdb, 0x7f, 0xd6, 0xf1, 0xbb, 0x81, 0xfb, 0xf7, 0xee, 0xd9, 0xff,
0x5e, 0xd7, 0xcd, 0xba, 0x19, 0x6f, 0x92, 0x94, 0x35, 0xdf, 0xfb, 0x55, 0x3c, 0xda, 0xd1, 0x8f,
0xd8, 0x37, 0xff, 0x04, 0x00, 0x00, 0xff, 0xff, 0x0b, 0xf8, 0xe4, 0x3b, 0x2d, 0x0b, 0x00, 0x00,
// 1309 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0xdb, 0x46,
0x13, 0x35, 0x65, 0xc7, 0x3f, 0x23, 0x4b, 0xa6, 0x36, 0x71, 0xcc, 0x08, 0xdf, 0x97, 0x1a, 0x2e,
0x9a, 0xba, 0x69, 0x20, 0x23, 0x4e, 0x0b, 0xb4, 0xbd, 0x28, 0x2a, 0xcb, 0x72, 0x22, 0x54, 0x91,
0x5c, 0x8a, 0x4e, 0xe2, 0xdc, 0x2c, 0x56, 0xe4, 0xda, 0x5a, 0x84, 0xe2, 0x12, 0xcb, 0xa5, 0x1b,
0xe5, 0xaa, 0xef, 0xd3, 0x77, 0xe8, 0x23, 0xf4, 0x39, 0xfa, 0x18, 0xc5, 0xfe, 0x50, 0x52, 0x02,
0x05, 0x6a, 0x72, 0x67, 0x9f, 0x39, 0x33, 0xb3, 0x3b, 0x7b, 0xe6, 0x88, 0x50, 0x1f, 0xd3, 0x6c,
0x74, 0x74, 0xf3, 0x98, 0xc4, 0xe9, 0x88, 0x3c, 0x3e, 0x0a, 0x79, 0x72, 0xc5, 0xae, 0x1b, 0xa9,
0xe0, 0x92, 0xa3, 0xdb, 0x2c, 0x93, 0x8c, 0x37, 0x14, 0xa3, 0x51, 0x30, 0xea, 0xf7, 0xaf, 0x39,
0xbf, 0x8e, 0xe9, 0x91, 0xa6, 0x0c, 0xf3, 0xab, 0xa3, 0x28, 0x17, 0x44, 0x32, 0x9e, 0x98, 0xa4,
0x83, 0xbf, 0x36, 0xa1, 0x7c, 0x2e, 0xf8, 0xdb, 0x49, 0x4b, 0x97, 0x42, 0x5f, 0x40, 0xd9, 0x14,
0xc5, 0x29, 0x91, 0x23, 0xcf, 0xd9, 0x77, 0x0e, 0xb7, 0x7c, 0x30, 0xd0, 0x39, 0x91, 0x23, 0x45,
0x18, 0xb2, 0x84, 0x88, 0x89, 0x21, 0x94, 0x0c, 0xc1, 0x40, 0x9a, 0xf0, 0x35, 0xec, 0x64, 0x54,
0xdc, 0xb0, 0x90, 0xe2, 0x30, 0xce, 0x33, 0x49, 0x85, 0xb7, 0xaa, 0x49, 0x55, 0x0b, 0xb7, 0x0c,
0x8a, 0x7e, 0x81, 0x6a, 0x24, 0x08, 0x4b, 0x70, 0x71, 0x24, 0x6f, 0x6d, 0xdf, 0x39, 0x2c, 0x1f,
0xdf, 0x6b, 0x98, 0x33, 0x37, 0x8a, 0x33, 0x37, 0x4e, 0x2d, 0xc1, 0xaf, 0xe8, 0x84, 0xe2, 0x5f,
0x34, 0x00, 0x2f, 0x25, 0x82, 0x26, 0x12, 0x67, 0xa3, 0x5c, 0x46, 0xfc, 0xf7, 0xb9, 0x5a, 0xb7,
0x96, 0xd5, 0xba, 0x6b, 0x52, 0x07, 0x36, 0x73, 0x5a, 0xf4, 0x5b, 0xa8, 0x45, 0x2c, 0x0b, 0xf9,
0x0d, 0x15, 0x13, 0x4c, 0xa2, 0x48, 0xd0, 0x2c, 0xf3, 0xd6, 0xf5, 0x0d, 0xdc, 0x69, 0xa0, 0x69,
0x70, 0xf4, 0x1b, 0xec, 0xcd, 0xc8, 0x82, 0x5e, 0x09, 0x9a, 0x8d, 0x70, 0x44, 0x63, 0x32, 0xf1,
0x36, 0x96, 0x1d, 0x60, 0x77, 0x9a, 0xe9, 0x9b, 0xc4, 0x53, 0x95, 0x87, 0xbe, 0x82, 0xea, 0x3b,
0x96, 0xbe, 0x61, 0xc9, 0xb4, 0xf9, 0xa6, 0x6e, 0x5e, 0x31, 0x68, 0xd1, 0xf9, 0x04, 0x76, 0x42,
0x9e, 0x24, 0x34, 0x94, 0x58, 0xb2, 0x31, 0xe5, 0xb9, 0xf4, 0xb6, 0x96, 0x75, 0xac, 0xda, 0x8c,
0xc0, 0x24, 0xa0, 0x47, 0x80, 0x32, 0x49, 0x64, 0x16, 0xe1, 0x3c, 0x4a, 0xa7, 0xed, 0xc0, 0xdc,
0xd5, 0x44, 0x2e, 0xa2, 0xb4, 0xe8, 0x78, 0x08, 0x6e, 0xaa, 0x94, 0x82, 0x49, 0x34, 0x66, 0x09,
0x4e, 0xb9, 0x90, 0x5e, 0x79, 0xdf, 0x39, 0xbc, 0xe5, 0x57, 0x35, 0xde, 0x54, 0xf0, 0x39, 0x17,
0x52, 0x8d, 0x90, 0xdc, 0x10, 0x16, 0x93, 0x21, 0x8b, 0x99, 0x9c, 0xe0, 0x77, 0x3c, 0xa1, 0xde,
0xb6, 0x29, 0x3b, 0x1f, 0x78, 0xcd, 0x13, 0x8a, 0x22, 0xb8, 0x17, 0xf2, 0x44, 0x0a, 0x1e, 0xe3,
0x34, 0x26, 0x09, 0xc5, 0x24, 0x97, 0x23, 0x9c, 0xf2, 0x98, 0x85, 0x13, 0xaf, 0xb2, 0xef, 0x1c,
0x56, 0x8f, 0xbf, 0x69, 0x2c, 0x90, 0x76, 0xa3, 0x99, 0xcb, 0x11, 0x4d, 0x24, 0x0b, 0xf5, 0xe5,
0xce, 0x75, 0x82, 0x7f, 0xd7, 0xd6, 0x3a, 0x57, 0xa5, 0x14, 0xc3, 0xe0, 0xea, 0xaa, 0x61, 0x9e,
0x49, 0x3e, 0xc6, 0x56, 0xde, 0x57, 0x2c, 0xa6, 0x5e, 0xd5, 0x9c, 0xc9, 0x44, 0xcc, 0x06, 0x9c,
0xb1, 0x98, 0xaa, 0xab, 0xaa, 0xeb, 0xe3, 0x84, 0x8c, 0x29, 0x8e, 0x69, 0x72, 0x2d, 0x47, 0xde,
0x8e, 0xb9, 0xaa, 0xc2, 0x7b, 0x64, 0x4c, 0xbb, 0x1a, 0x45, 0xfb, 0x7a, 0x5f, 0xc2, 0x5c, 0x08,
0x9a, 0x84, 0x13, 0xcf, 0xd5, 0xa4, 0x79, 0x08, 0x35, 0xe1, 0xff, 0x66, 0x6c, 0x43, 0xce, 0x65,
0x26, 0x05, 0x49, 0xb1, 0xa4, 0xe3, 0x34, 0x26, 0x92, 0x9a, 0x15, 0xaa, 0xe9, 0x43, 0xd4, 0x35,
0xe9, 0xa4, 0xe0, 0x04, 0x96, 0xa2, 0x57, 0x8a, 0x42, 0x8d, 0x25, 0x92, 0x8a, 0x90, 0xa6, 0xea,
0xaa, 0x78, 0xcc, 0x23, 0xea, 0x21, 0x3d, 0x9a, 0x1f, 0x16, 0x8e, 0x66, 0x6e, 0xa3, 0x1b, 0x9d,
0x64, 0xc8, 0xf3, 0x24, 0xea, 0xcc, 0x15, 0x78, 0xce, 0x23, 0xea, 0xbb, 0xec, 0x03, 0xe4, 0xe0,
0x09, 0xec, 0x7d, 0x84, 0x8c, 0xb6, 0x61, 0xd3, 0x6f, 0x9f, 0x76, 0xfc, 0x76, 0x2b, 0x70, 0x57,
0x10, 0xc0, 0x7a, 0x70, 0xee, 0xf7, 0x5f, 0x5d, 0xba, 0xce, 0xc1, 0xdf, 0x15, 0x80, 0xe7, 0x34,
0x1b, 0x59, 0xff, 0x78, 0x04, 0x68, 0xcc, 0xde, 0x52, 0x81, 0xc3, 0x11, 0x0d, 0xdf, 0x60, 0xb5,
0xf2, 0x54, 0x58, 0x1b, 0x71, 0x75, 0xa4, 0xa5, 0x02, 0x03, 0x8d, 0xa3, 0x06, 0xdc, 0x36, 0x6c,
0x41, 0x95, 0x9c, 0x0a, 0xba, 0x31, 0x95, 0x9a, 0x0e, 0xf9, 0x3a, 0x62, 0xf9, 0xc7, 0xa0, 0x96,
0x86, 0x0c, 0x63, 0x6a, 0x05, 0x62, 0xda, 0x64, 0xda, 0x61, 0x36, 0xfd, 0xdb, 0x36, 0x68, 0xde,
0x5c, 0x37, 0xca, 0xd0, 0x43, 0xa8, 0x99, 0xf9, 0xc7, 0x2c, 0x93, 0xd4, 0xea, 0x76, 0x4d, 0xbf,
0xd3, 0x8e, 0x0e, 0x74, 0x35, 0xae, 0x85, 0xfb, 0x00, 0x0c, 0x84, 0x47, 0x52, 0xa6, 0x86, 0x79,
0x4b, 0x33, 0x2b, 0x1a, 0x7e, 0x26, 0x65, 0xaa, 0x79, 0x0b, 0x96, 0x6f, 0xfd, 0x53, 0x97, 0xef,
0x4b, 0xa8, 0xb0, 0xe4, 0x5a, 0x6d, 0x16, 0x0e, 0x63, 0x92, 0x65, 0xda, 0x30, 0xb6, 0xfc, 0x6d,
0x0b, 0xb6, 0x14, 0xa6, 0xcc, 0xb4, 0x20, 0x59, 0xf7, 0xb4, 0x6e, 0x50, 0xb5, 0xf0, 0xc0, 0xa0,
0x68, 0x0c, 0x7b, 0xd3, 0x6a, 0x66, 0x03, 0x62, 0x2a, 0x8c, 0x50, 0xb6, 0xb4, 0x50, 0xbe, 0x5f,
0x28, 0x94, 0xd9, 0xcb, 0x35, 0x3a, 0xb6, 0xef, 0x34, 0x5b, 0xab, 0x64, 0x97, 0x2d, 0x82, 0x51,
0x1f, 0xca, 0xf3, 0x6b, 0x0a, 0xba, 0xc5, 0xc3, 0x65, 0x2d, 0x66, 0xfb, 0x78, 0x52, 0xf2, 0x1c,
0x1f, 0xc8, 0x6c, 0x3f, 0xdb, 0x50, 0x13, 0x51, 0xf6, 0x81, 0x85, 0x96, 0x97, 0xcd, 0x74, 0x47,
0x44, 0xd9, 0x87, 0xe6, 0x49, 0x13, 0xad, 0x0f, 0x29, 0x48, 0xc8, 0x92, 0x6b, 0x6d, 0x3b, 0x9b,
0x7e, 0xc5, 0xa0, 0x81, 0x01, 0xd5, 0x3b, 0x93, 0x30, 0x54, 0xc3, 0x8a, 0xb9, 0xb5, 0x82, 0x8a,
0x31, 0x59, 0x03, 0x77, 0xb9, 0xf1, 0x81, 0xa7, 0x50, 0x8d, 0xe8, 0x15, 0xc9, 0x63, 0x69, 0x6d,
0x43, 0x3b, 0x46, 0xf9, 0x78, 0x7f, 0xd9, 0xd6, 0xf9, 0x15, 0x9b, 0x67, 0xd7, 0xe2, 0x3b, 0xb8,
0x3b, 0x96, 0x71, 0x86, 0xe9, 0xdb, 0x30, 0xce, 0x23, 0x1a, 0x15, 0xaf, 0x99, 0x79, 0x3b, 0xfb,
0xab, 0x87, 0x5b, 0xfe, 0x1d, 0x15, 0x6d, 0xdb, 0xa0, 0x7d, 0xd3, 0x4c, 0x49, 0xc4, 0xac, 0x47,
0x61, 0xcd, 0xae, 0x91, 0x88, 0x06, 0x0b, 0x5b, 0x1e, 0xc3, 0x1e, 0xcf, 0xa5, 0x5e, 0x5b, 0x75,
0xe9, 0xab, 0x2b, 0x16, 0x16, 0xcf, 0x52, 0xd3, 0x87, 0x5d, 0xfa, 0xf2, 0x7d, 0x9b, 0x1e, 0x98,
0x6c, 0xeb, 0xa4, 0xbb, 0x7c, 0x11, 0x8c, 0x7e, 0x85, 0xb2, 0x18, 0x92, 0xb0, 0x98, 0x07, 0xd2,
0x2d, 0x96, 0xbe, 0xbc, 0x3f, 0x24, 0xa1, 0x9d, 0x0c, 0x88, 0xe9, 0xdf, 0xf5, 0x3f, 0x1d, 0xd8,
0x5d, 0xd8, 0x1d, 0xf5, 0x60, 0x4d, 0x8b, 0xd7, 0xd1, 0xca, 0xfa, 0xe9, 0xb3, 0xae, 0xd0, 0xd0,
0x0a, 0xd6, 0x75, 0x0e, 0x4e, 0x60, 0x4d, 0x0b, 0xb7, 0x06, 0x15, 0xbf, 0xfd, 0xb4, 0x33, 0x08,
0xfc, 0x4b, 0xdc, 0xef, 0x75, 0x2f, 0xdd, 0x15, 0x54, 0x81, 0xad, 0x66, 0xb7, 0xdb, 0x7f, 0x89,
0x9b, 0xbd, 0x4b, 0xd7, 0x41, 0x1e, 0xdc, 0x79, 0xd1, 0xf1, 0x83, 0x8b, 0x66, 0x17, 0x0f, 0xda,
0xfe, 0x8b, 0x4e, 0xab, 0x6d, 0x88, 0xa5, 0xfa, 0x1f, 0xab, 0x00, 0xb3, 0x8b, 0xa0, 0xd6, 0x7b,
0x47, 0x3c, 0xfa, 0xef, 0x23, 0x98, 0x3b, 0x17, 0xea, 0xc3, 0x16, 0x4b, 0xd4, 0x77, 0x92, 0xfa,
0x66, 0x29, 0xe9, 0x61, 0x3e, 0xfe, 0x84, 0x4a, 0x01, 0x11, 0xd7, 0x54, 0xfa, 0xb3, 0x1a, 0xaa,
0xa0, 0x16, 0x99, 0x2e, 0xb8, 0xfa, 0xd9, 0x05, 0xa7, 0x35, 0xea, 0xa7, 0xb0, 0x6e, 0x40, 0x54,
0x87, 0xcd, 0xa9, 0x6c, 0x1d, 0x2d, 0xdb, 0xe9, 0xff, 0xe8, 0x3e, 0x80, 0xfa, 0xb1, 0xcc, 0x52,
0xa2, 0xa2, 0x25, 0x1d, 0x9d, 0x43, 0x0e, 0xda, 0x76, 0xfe, 0x1b, 0xb0, 0xda, 0x3f, 0x3b, 0x73,
0x57, 0xd0, 0x3a, 0x94, 0xfa, 0x3d, 0xd7, 0x41, 0xbb, 0x50, 0xeb, 0xf7, 0xf0, 0xcb, 0x4e, 0xf0,
0x0c, 0x77, 0x7a, 0xad, 0xee, 0xc5, 0xa0, 0xd3, 0xef, 0xb9, 0xa5, 0x79, 0xb8, 0xfd, 0xaa, 0x80,
0x57, 0x0f, 0x7e, 0x84, 0xdd, 0x85, 0x3e, 0x35, 0xab, 0x5b, 0x86, 0x8d, 0xd3, 0xf6, 0x59, 0xf3,
0xa2, 0x1b, 0xb8, 0x8e, 0xfa, 0xa1, 0x1a, 0x04, 0x7e, 0xa7, 0x15, 0xb8, 0xa5, 0x83, 0x07, 0x00,
0x73, 0xdf, 0x03, 0x9b, 0xb0, 0xd6, 0xeb, 0xf7, 0xda, 0xee, 0x0a, 0xaa, 0x02, 0x3c, 0xbf, 0xd0,
0xcf, 0x1d, 0x74, 0x07, 0xae, 0xf3, 0xf0, 0x67, 0xb8, 0xb3, 0xe8, 0xcb, 0xe2, 0xe3, 0x19, 0x68,
0x1b, 0x36, 0x3a, 0xbd, 0x67, 0x6d, 0xbf, 0x13, 0xb8, 0xff, 0x6c, 0x9c, 0xfc, 0xef, 0x75, 0xdd,
0x8c, 0x9b, 0xf1, 0x23, 0x92, 0xb2, 0xa3, 0xf7, 0xbe, 0xd8, 0x87, 0xeb, 0xda, 0xc4, 0x9e, 0xfc,
0x1b, 0x00, 0x00, 0xff, 0xff, 0x8a, 0xc0, 0x6d, 0x40, 0xc9, 0x0b, 0x00, 0x00,
}

17
mesh/v1alpha1/config.proto
View File

@ -115,6 +115,23 @@ message ProxyConfig {
// Path to the proxy bootstrap template file
string proxy_bootstrap_template_path = 17;
// The mode used to redirect inbound traffic to Envoy.
// This setting has no effect on outbound traffic: iptables REDIRECT is always used for
// outbound connections.
enum InboundInterceptionMode {
// The REDIRECT mode uses iptables REDIRECT to NAT and redirect to Envoy. This mode loses
// source IP addresses during redirection.
REDIRECT = 0;
// The TPROXY mode uses iptables TPROXY to redirect to Envoy. This mode preserves both the
// source and destination IP addresses and ports, so that they can be used for advanced
// filtering and manipulation. This mode also configures the sidecar to run with the
// CAP_NET_ADMIN capability, which is required to use TPROXY.
TPROXY = 1;
}
// The mode used to redirect inbound traffic to Envoy.
InboundInterceptionMode interception_mode = 18;
}
// MeshConfig defines mesh-wide variables shared by all Envoy instances in the

45
mesh/v1alpha1/istio.mesh.v1alpha1.pb.html
View File

@ -4,7 +4,7 @@ overview: Configuration affecting the service mesh as a whole
location: https://istio.io/docs/reference/config/istio.mesh.v1alpha1.html
layout: protoc-gen-docs
redirect_from: /docs/reference/config/service-mesh.html
number_of_entries: 10
number_of_entries: 11
---
<h2 id="AuthenticationPolicy">AuthenticationPolicy</h2>
<section>
@ -653,6 +653,49 @@ Increase the value of this field if you find that the metrics from Envoys are tr
<td>
<p>Path to the proxy bootstrap template file</p>
</td>
</tr>
<tr id="ProxyConfig.interception_mode">
<td><code>interceptionMode</code></td>
<td><code><a href="#ProxyConfig.InboundInterceptionMode">ProxyConfig.InboundInterceptionMode</a></code></td>
<td>
<p>The mode used to redirect inbound traffic to Envoy.</p>
</td>
</tr>
</tbody>
</table>
</section>
<h2 id="ProxyConfig.InboundInterceptionMode">ProxyConfig.InboundInterceptionMode</h2>
<section>
<p>The mode used to redirect inbound traffic to Envoy.
This setting has no effect on outbound traffic: iptables REDIRECT is always used for
outbound connections.</p>
<table class="enum-values">
<thead>
<tr>
<th>Name</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr id="ProxyConfig.InboundInterceptionMode.REDIRECT">
<td><code>REDIRECT</code></td>
<td>
<p>The REDIRECT mode uses iptables REDIRECT to NAT and redirect to Envoy. This mode loses
source IP addresses during redirection.</p>
</td>
</tr>
<tr id="ProxyConfig.InboundInterceptionMode.TPROXY">
<td><code>TPROXY</code></td>
<td>
<p>The TPROXY mode uses iptables TPROXY to redirect to Envoy. This mode preserves both the
source and destination IP addresses and ports, so that they can be used for advanced
filtering and manipulation. This mode also configures the sidecar to run with the
CAP<em>NET</em>ADMIN capability, which is required to use TPROXY.</p>
</td>
</tr>
</tbody>

72
python/istio_api/mesh/v1alpha1/config_pb2.py
View File

@ -21,7 +21,7 @@ DESCRIPTOR = _descriptor.FileDescriptor(
name='mesh/v1alpha1/config.proto',
package='istio.mesh.v1alpha1',
syntax='proto3',
serialized_pb=_b('\n\x1amesh/v1alpha1/config.proto\x12\x13istio.mesh.v1alpha1\x1a\x1egoogle/protobuf/duration.proto\"\xf4\x04\n\x0bProxyConfig\x12\x13\n\x0b\x63onfig_path\x18\x01 \x01(\t\x12\x13\n\x0b\x62inary_path\x18\x02 \x01(\t\x12\x17\n\x0fservice_cluster\x18\x03 \x01(\t\x12\x31\n\x0e\x64rain_duration\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12;\n\x18parent_shutdown_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x19\n\x11\x64iscovery_address\x18\x06 \x01(\t\x12:\n\x17\x64iscovery_refresh_delay\x18\x07 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x16\n\x0ezipkin_address\x18\x08 \x01(\t\x12\x32\n\x0f\x63onnect_timeout\x18\t \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x1a\n\x12statsd_udp_address\x18\n \x01(\t\x12\x18\n\x10proxy_admin_port\x18\x0b \x01(\x05\x12\x19\n\x11\x61vailability_zone\x18\x0c \x01(\t\x12L\n\x19\x63ontrol_plane_auth_policy\x18\r \x01(\x0e\x32).istio.mesh.v1alpha1.AuthenticationPolicy\x12\x1a\n\x12\x63ustom_config_file\x18\x0e \x01(\t\x12\x18\n\x10stat_name_length\x18\x0f \x01(\x05\x12\x13\n\x0b\x63oncurrency\x18\x10 \x01(\x05\x12%\n\x1dproxy_bootstrap_template_path\x18\x11 \x01(\t\"\xe6\n\n\nMeshConfig\x12\x1a\n\x12mixer_check_server\x18\x01 \x01(\t\x12\x1b\n\x13mixer_report_server\x18\x02 \x01(\t\x12\x1d\n\x15\x64isable_policy_checks\x18\x03 \x01(\x08\x12\x19\n\x11proxy_listen_port\x18\x04 \x01(\x05\x12\x17\n\x0fproxy_http_port\x18\x05 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x06 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x15\n\ringress_class\x18\x07 \x01(\t\x12\x17\n\x0fingress_service\x18\x08 \x01(\t\x12V\n\x17ingress_controller_mode\x18\t \x01(\x0e\x32\x35.istio.mesh.v1alpha1.MeshConfig.IngressControllerMode\x12\x43\n\x0b\x61uth_policy\x18\n \x01(\x0e\x32*.istio.mesh.v1alpha1.MeshConfig.AuthPolicyB\x02\x18\x01\x12\x34\n\x11rds_refresh_delay\x18\x0b \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x16\n\x0e\x65nable_tracing\x18\x0c \x01(\x08\x12\x17\n\x0f\x61\x63\x63\x65ss_log_file\x18\r \x01(\t\x12\x38\n\x0e\x64\x65\x66\x61ult_config\x18\x0e \x01(\x0b\x32 .istio.mesh.v1alpha1.ProxyConfig\x12\x1e\n\x16mtls_excluded_services\x18\x0f \x03(\t\x12\x15\n\rmixer_address\x18\x10 \x01(\t\x12V\n\x17outbound_traffic_policy\x18\x11 \x01(\x0b\x32\x35.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy\x12?\n\x0brbac_config\x18\x12 \x01(\x0b\x32*.istio.mesh.v1alpha1.MeshConfig.RbacConfig\x1a\xa5\x01\n\x15OutboundTrafficPolicy\x12H\n\x04mode\x18\x01 \x01(\x0e\x32:.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy.Mode\"B\n\x04Mode\x12\x11\n\rREGISTRY_ONLY\x10\x00\x12\r\n\tALLOW_ANY\x10\x01\x12\x18\n\x14VIRTUAL_SERVICE_ONLY\x10\x02\x1a\xce\x02\n\nRbacConfig\x12=\n\x04mode\x18\x01 \x01(\x0e\x32/.istio.mesh.v1alpha1.MeshConfig.RbacConfig.Mode\x12\x44\n\tinclusion\x18\x02 \x01(\x0b\x32\x31.istio.mesh.v1alpha1.MeshConfig.RbacConfig.Target\x12\x44\n\texclusion\x18\x03 \x01(\x0b\x32\x31.istio.mesh.v1alpha1.MeshConfig.RbacConfig.Target\x1a.\n\x06Target\x12\x10\n\x08services\x18\x01 \x03(\t\x12\x12\n\nnamespaces\x18\x02 \x03(\t\"E\n\x04Mode\x12\x07\n\x03OFF\x10\x00\x12\x06\n\x02ON\x10\x01\x12\x15\n\x11ON_WITH_INCLUSION\x10\x02\x12\x15\n\x11ON_WITH_EXCLUSION\x10\x03\"9\n\x15IngressControllerMode\x12\x07\n\x03OFF\x10\x00\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x01\x12\n\n\x06STRICT\x10\x02\"&\n\nAuthPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01*>\n\x14\x41uthenticationPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01\x12\x0c\n\x07INHERIT\x10\xe8\x07\x42\x1cZ\x1aistio.io/api/mesh/v1alpha1b\x06proto3')
serialized_pb=_b('\n\x1amesh/v1alpha1/config.proto\x12\x13istio.mesh.v1alpha1\x1a\x1egoogle/protobuf/duration.proto\"\xfe\x05\n\x0bProxyConfig\x12\x13\n\x0b\x63onfig_path\x18\x01 \x01(\t\x12\x13\n\x0b\x62inary_path\x18\x02 \x01(\t\x12\x17\n\x0fservice_cluster\x18\x03 \x01(\t\x12\x31\n\x0e\x64rain_duration\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12;\n\x18parent_shutdown_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x19\n\x11\x64iscovery_address\x18\x06 \x01(\t\x12:\n\x17\x64iscovery_refresh_delay\x18\x07 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x16\n\x0ezipkin_address\x18\x08 \x01(\t\x12\x32\n\x0f\x63onnect_timeout\x18\t \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x1a\n\x12statsd_udp_address\x18\n \x01(\t\x12\x18\n\x10proxy_admin_port\x18\x0b \x01(\x05\x12\x19\n\x11\x61vailability_zone\x18\x0c \x01(\t\x12L\n\x19\x63ontrol_plane_auth_policy\x18\r \x01(\x0e\x32).istio.mesh.v1alpha1.AuthenticationPolicy\x12\x1a\n\x12\x63ustom_config_file\x18\x0e \x01(\t\x12\x18\n\x10stat_name_length\x18\x0f \x01(\x05\x12\x13\n\x0b\x63oncurrency\x18\x10 \x01(\x05\x12%\n\x1dproxy_bootstrap_template_path\x18\x11 \x01(\t\x12S\n\x11interception_mode\x18\x12 \x01(\x0e\x32\x38.istio.mesh.v1alpha1.ProxyConfig.InboundInterceptionMode\"3\n\x17InboundInterceptionMode\x12\x0c\n\x08REDIRECT\x10\x00\x12\n\n\x06TPROXY\x10\x01\"\xe6\n\n\nMeshConfig\x12\x1a\n\x12mixer_check_server\x18\x01 \x01(\t\x12\x1b\n\x13mixer_report_server\x18\x02 \x01(\t\x12\x1d\n\x15\x64isable_policy_checks\x18\x03 \x01(\x08\x12\x19\n\x11proxy_listen_port\x18\x04 \x01(\x05\x12\x17\n\x0fproxy_http_port\x18\x05 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x06 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x15\n\ringress_class\x18\x07 \x01(\t\x12\x17\n\x0fingress_service\x18\x08 \x01(\t\x12V\n\x17ingress_controller_mode\x18\t \x01(\x0e\x32\x35.istio.mesh.v1alpha1.MeshConfig.IngressControllerMode\x12\x43\n\x0b\x61uth_policy\x18\n \x01(\x0e\x32*.istio.mesh.v1alpha1.MeshConfig.AuthPolicyB\x02\x18\x01\x12\x34\n\x11rds_refresh_delay\x18\x0b \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x16\n\x0e\x65nable_tracing\x18\x0c \x01(\x08\x12\x17\n\x0f\x61\x63\x63\x65ss_log_file\x18\r \x01(\t\x12\x38\n\x0e\x64\x65\x66\x61ult_config\x18\x0e \x01(\x0b\x32 .istio.mesh.v1alpha1.ProxyConfig\x12\x1e\n\x16mtls_excluded_services\x18\x0f \x03(\t\x12\x15\n\rmixer_address\x18\x10 \x01(\t\x12V\n\x17outbound_traffic_policy\x18\x11 \x01(\x0b\x32\x35.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy\x12?\n\x0brbac_config\x18\x12 \x01(\x0b\x32*.istio.mesh.v1alpha1.MeshConfig.RbacConfig\x1a\xa5\x01\n\x15OutboundTrafficPolicy\x12H\n\x04mode\x18\x01 \x01(\x0e\x32:.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy.Mode\"B\n\x04Mode\x12\x11\n\rREGISTRY_ONLY\x10\x00\x12\r\n\tALLOW_ANY\x10\x01\x12\x18\n\x14VIRTUAL_SERVICE_ONLY\x10\x02\x1a\xce\x02\n\nRbacConfig\x12=\n\x04mode\x18\x01 \x01(\x0e\x32/.istio.mesh.v1alpha1.MeshConfig.RbacConfig.Mode\x12\x44\n\tinclusion\x18\x02 \x01(\x0b\x32\x31.istio.mesh.v1alpha1.MeshConfig.RbacConfig.Target\x12\x44\n\texclusion\x18\x03 \x01(\x0b\x32\x31.istio.mesh.v1alpha1.MeshConfig.RbacConfig.Target\x1a.\n\x06Target\x12\x10\n\x08services\x18\x01 \x03(\t\x12\x12\n\nnamespaces\x18\x02 \x03(\t\"E\n\x04Mode\x12\x07\n\x03OFF\x10\x00\x12\x06\n\x02ON\x10\x01\x12\x15\n\x11ON_WITH_INCLUSION\x10\x02\x12\x15\n\x11ON_WITH_EXCLUSION\x10\x03\"9\n\x15IngressControllerMode\x12\x07\n\x03OFF\x10\x00\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x01\x12\n\n\x06STRICT\x10\x02\"&\n\nAuthPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01*>\n\x14\x41uthenticationPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01\x12\x0c\n\x07INHERIT\x10\xe8\x07\x42\x1cZ\x1aistio.io/api/mesh/v1alpha1b\x06proto3')
,
dependencies=[google_dot_protobuf_dot_duration__pb2.DESCRIPTOR,])
@ -46,8 +46,8 @@ _AUTHENTICATIONPOLICY = _descriptor.EnumDescriptor(
],
containing_type=None,
options=None,
serialized_start=2099,
serialized_end=2161,
serialized_start=2237,
serialized_end=2299,
)
_sym_db.RegisterEnumDescriptor(_AUTHENTICATIONPOLICY)
@ -57,6 +57,28 @@ MUTUAL_TLS = 1
INHERIT = 1000
_PROXYCONFIG_INBOUNDINTERCEPTIONMODE = _descriptor.EnumDescriptor(
name='InboundInterceptionMode',
full_name='istio.mesh.v1alpha1.ProxyConfig.InboundInterceptionMode',
filename=None,
file=DESCRIPTOR,
values=[
_descriptor.EnumValueDescriptor(
name='REDIRECT', index=0, number=0,
options=None,
type=None),
_descriptor.EnumValueDescriptor(
name='TPROXY', index=1, number=1,
options=None,
type=None),
],
containing_type=None,
options=None,
serialized_start=799,
serialized_end=850,
)
_sym_db.RegisterEnumDescriptor(_PROXYCONFIG_INBOUNDINTERCEPTIONMODE)
_MESHCONFIG_OUTBOUNDTRAFFICPOLICY_MODE = _descriptor.EnumDescriptor(
name='Mode',
full_name='istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy.Mode',
@ -78,8 +100,8 @@ _MESHCONFIG_OUTBOUNDTRAFFICPOLICY_MODE = _descriptor.EnumDescriptor(
],
containing_type=None,
options=None,
serialized_start=1595,
serialized_end=1661,
serialized_start=1733,
serialized_end=1799,
)
_sym_db.RegisterEnumDescriptor(_MESHCONFIG_OUTBOUNDTRAFFICPOLICY_MODE)
@ -108,8 +130,8 @@ _MESHCONFIG_RBACCONFIG_MODE = _descriptor.EnumDescriptor(
],
containing_type=None,
options=None,
serialized_start=1929,
serialized_end=1998,
serialized_start=2067,
serialized_end=2136,
)
_sym_db.RegisterEnumDescriptor(_MESHCONFIG_RBACCONFIG_MODE)
@ -134,8 +156,8 @@ _MESHCONFIG_INGRESSCONTROLLERMODE = _descriptor.EnumDescriptor(
],
containing_type=None,
options=None,
serialized_start=2000,
serialized_end=2057,
serialized_start=2138,
serialized_end=2195,
)
_sym_db.RegisterEnumDescriptor(_MESHCONFIG_INGRESSCONTROLLERMODE)
@ -156,8 +178,8 @@ _MESHCONFIG_AUTHPOLICY = _descriptor.EnumDescriptor(
],
containing_type=None,
options=None,
serialized_start=2059,
serialized_end=2097,
serialized_start=2197,
serialized_end=2235,
)
_sym_db.RegisterEnumDescriptor(_MESHCONFIG_AUTHPOLICY)
@ -288,11 +310,19 @@ _PROXYCONFIG = _descriptor.Descriptor(
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None, file=DESCRIPTOR),
_descriptor.FieldDescriptor(
name='interception_mode', full_name='istio.mesh.v1alpha1.ProxyConfig.interception_mode', index=17,
number=18, type=14, cpp_type=8, label=1,
has_default_value=False, default_value=0,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None, file=DESCRIPTOR),
],
extensions=[
],
nested_types=[],
enum_types=[
_PROXYCONFIG_INBOUNDINTERCEPTIONMODE,
],
options=None,
is_extendable=False,
@ -301,7 +331,7 @@ _PROXYCONFIG = _descriptor.Descriptor(
oneofs=[
],
serialized_start=84,
serialized_end=712,
serialized_end=850,
)
@ -332,8 +362,8 @@ _MESHCONFIG_OUTBOUNDTRAFFICPOLICY = _descriptor.Descriptor(
extension_ranges=[],
oneofs=[
],
serialized_start=1496,
serialized_end=1661,
serialized_start=1634,
serialized_end=1799,
)
_MESHCONFIG_RBACCONFIG_TARGET = _descriptor.Descriptor(
@ -369,8 +399,8 @@ _MESHCONFIG_RBACCONFIG_TARGET = _descriptor.Descriptor(
extension_ranges=[],
oneofs=[
],
serialized_start=1881,
serialized_end=1927,
serialized_start=2019,
serialized_end=2065,
)
_MESHCONFIG_RBACCONFIG = _descriptor.Descriptor(
@ -414,8 +444,8 @@ _MESHCONFIG_RBACCONFIG = _descriptor.Descriptor(
extension_ranges=[],
oneofs=[
],
serialized_start=1664,
serialized_end=1998,
serialized_start=1802,
serialized_end=2136,
)
_MESHCONFIG = _descriptor.Descriptor(
@ -565,8 +595,8 @@ _MESHCONFIG = _descriptor.Descriptor(
extension_ranges=[],
oneofs=[
],
serialized_start=715,
serialized_end=2097,
serialized_start=853,
serialized_end=2235,
)
_PROXYCONFIG.fields_by_name['drain_duration'].message_type = google_dot_protobuf_dot_duration__pb2._DURATION
@ -574,6 +604,8 @@ _PROXYCONFIG.fields_by_name['parent_shutdown_duration'].message_type = google_do
_PROXYCONFIG.fields_by_name['discovery_refresh_delay'].message_type = google_dot_protobuf_dot_duration__pb2._DURATION
_PROXYCONFIG.fields_by_name['connect_timeout'].message_type = google_dot_protobuf_dot_duration__pb2._DURATION
_PROXYCONFIG.fields_by_name['control_plane_auth_policy'].enum_type = _AUTHENTICATIONPOLICY
_PROXYCONFIG.fields_by_name['interception_mode'].enum_type = _PROXYCONFIG_INBOUNDINTERCEPTIONMODE
_PROXYCONFIG_INBOUNDINTERCEPTIONMODE.containing_type = _PROXYCONFIG
_MESHCONFIG_OUTBOUNDTRAFFICPOLICY.fields_by_name['mode'].enum_type = _MESHCONFIG_OUTBOUNDTRAFFICPOLICY_MODE
_MESHCONFIG_OUTBOUNDTRAFFICPOLICY.containing_type = _MESHCONFIG
_MESHCONFIG_OUTBOUNDTRAFFICPOLICY_MODE.containing_type = _MESHCONFIG_OUTBOUNDTRAFFICPOLICY