istio
/
proxy
mirror of https://github.com/istio/proxy.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
proxy/testdata/testdata.gen.go

1238 lines
38 KiB
Go
Raw Permalink Blame History

// Code generated for package testdata by go-bindata DO NOT EDIT. (@generated)
// sources:
// bootstrap/client.yaml.tmpl
// bootstrap/client_cluster_metadata_precedence.yaml.tmpl
// bootstrap/otel_stats.yaml.tmpl
// bootstrap/server.yaml.tmpl
// bootstrap/stats.yaml.tmpl
// bootstrap/stats_expiry.yaml.tmpl
// listener/client.yaml.tmpl
// listener/client_passthrough.yaml.tmpl
// listener/internal_outbound.yaml.tmpl
// listener/server.yaml.tmpl
// listener/tcp_client.yaml.tmpl
// listener/tcp_passthrough.yaml.tmpl
// listener/tcp_server.yaml.tmpl
// listener/tcp_waypoint_server.yaml.tmpl
// listener/terminate_connect.yaml.tmpl
package testdata
import (
"fmt"
"io/ioutil"
"os"
"path/filepath"
"strings"
"time"
)
type asset struct {
bytes []byte
info os.FileInfo
}
type bindataFileInfo struct {
name string
size int64
mode os.FileMode
modTime time.Time
}
// Name return file name
func (fi bindataFileInfo) Name() string {
return fi.name
}
// Size return file size
func (fi bindataFileInfo) Size() int64 {
return fi.size
}
// Mode return file mode
func (fi bindataFileInfo) Mode() os.FileMode {
return fi.mode
}
// Mode return file modify time
func (fi bindataFileInfo) ModTime() time.Time {
return fi.modTime
}
// IsDir return file whether a directory
func (fi bindataFileInfo) IsDir() bool {
return fi.mode&os.ModeDir != 0
}
// Sys return file is sys mode
func (fi bindataFileInfo) Sys() interface{} {
return nil
}
var _bootstrapClientYamlTmpl = []byte(`node:
id: client
cluster: test-cluster
metadata: { {{ .Vars.ClientMetadata | fill }} }
admin:
access_log_path: /dev/null
address:
socket_address:
address: 127.0.0.1
port_value: {{ .Ports.ClientAdmin }}
{{ .Vars.StatsConfig }}
dynamic_resources:
ads_config:
api_type: DELTA_GRPC
transport_api_version: V3
grpc_services:
- envoy_grpc:
cluster_name: xds_cluster
cds_config:
ads: {}
resource_api_version: V3
lds_config:
ads: {}
resource_api_version: V3
static_resources:
clusters:
- connect_timeout: 5s
load_assignment:
cluster_name: xds_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: {{ .Ports.XDSPort }}
http2_protocol_options: {}
name: xds_cluster
- name: server-outbound-cluster
connect_timeout: 5s
type: STATIC
http2_protocol_options: {}
{{- if ne .Vars.ElideServerMetadata "true" }}
metadata:
filter_metadata:
istio:
services:
- host: server.default.svc.cluster.local
name: server
namespace: default
{{- end }}
load_assignment:
cluster_name: server-outbound-cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.2
port_value: {{ .Ports.ServerPort }}
{{- if eq .Vars.EnableEndpointMetadata "true" }}
metadata:
filter_metadata:
istio:
workload: ratings-v1;default;ratings;version-1;server-cluster
{{- end }}
{{ .Vars.ClientTLSContext | indent 4 }}
{{ .Vars.ClientStaticCluster | indent 2 }}
bootstrap_extensions:
- name: envoy.bootstrap.internal_listener
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/envoy.extensions.bootstrap.internal_listener.v3.InternalListener
{{- if eq .Vars.EnableMetadataDiscovery "true" }}
- name: metadata_discovery
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/istio.workload.BootstrapExtension
value:
config_source:
ads: {}
{{- end }}
`)
func bootstrapClientYamlTmplBytes() ([]byte, error) {
return _bootstrapClientYamlTmpl, nil
}
func bootstrapClientYamlTmpl() (*asset, error) {
bytes, err := bootstrapClientYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "bootstrap/client.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _bootstrapClient_cluster_metadata_precedenceYamlTmpl = []byte(`node:
id: client
cluster: test-cluster
metadata: { {{ .Vars.ClientMetadata | fill }} }
admin:
access_log_path: /dev/null
address:
socket_address:
address: 127.0.0.1
port_value: {{ .Ports.ClientAdmin }}
{{ .Vars.StatsConfig }}
dynamic_resources:
ads_config:
api_type: DELTA_GRPC
transport_api_version: V3
grpc_services:
- envoy_grpc:
cluster_name: xds_cluster
cds_config:
ads: {}
resource_api_version: V3
lds_config:
ads: {}
resource_api_version: V3
static_resources:
clusters:
- connect_timeout: 5s
load_assignment:
cluster_name: xds_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: {{ .Ports.XDSPort }}
http2_protocol_options: {}
name: xds_cluster
- name: server-outbound-cluster
connect_timeout: 5s
type: STATIC
http2_protocol_options: {}
{{- if ne .Vars.ElideServerMetadata "true" }}
metadata:
filter_metadata:
istio:
services:
- host: server.default.svc.cluster.local
name: server
namespace: server
{{- end }}
load_assignment:
cluster_name: server-outbound-cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.2
port_value: {{ .Ports.ServerPort }}
{{- if eq .Vars.EnableEndpointMetadata "true" }}
metadata:
filter_metadata:
istio:
workload: ratings-v1;default;ratings;version-1;server-cluster
{{- end }}
{{ .Vars.ClientTLSContext | indent 4 }}
{{ .Vars.ClientStaticCluster | indent 2 }}
bootstrap_extensions:
- name: envoy.bootstrap.internal_listener
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/envoy.extensions.bootstrap.internal_listener.v3.InternalListener
{{- if eq .Vars.EnableMetadataDiscovery "true" }}
- name: metadata_discovery
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/istio.workload.BootstrapExtension
value:
config_source:
ads: {}
{{- end }}
`)
func bootstrapClient_cluster_metadata_precedenceYamlTmplBytes() ([]byte, error) {
return _bootstrapClient_cluster_metadata_precedenceYamlTmpl, nil
}
func bootstrapClient_cluster_metadata_precedenceYamlTmpl() (*asset, error) {
bytes, err := bootstrapClient_cluster_metadata_precedenceYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "bootstrap/client_cluster_metadata_precedence.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _bootstrapOtel_statsYamlTmpl = []byte(`stats_sinks:
- name: otel
typed_config:
"@type": type.googleapis.com/envoy.extensions.stat_sinks.open_telemetry.v3.SinkConfig
grpc_service:
envoy_grpc:
cluster_name: otel
stats_config:
stats_matcher:
inclusion_list:
patterns:
- prefix: "istiocustom."
`)
func bootstrapOtel_statsYamlTmplBytes() ([]byte, error) {
return _bootstrapOtel_statsYamlTmpl, nil
}
func bootstrapOtel_statsYamlTmpl() (*asset, error) {
bytes, err := bootstrapOtel_statsYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "bootstrap/otel_stats.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _bootstrapServerYamlTmpl = []byte(`node:
id: server
cluster: test-cluster
metadata: { {{ .Vars.ServerMetadata | fill }} }
admin:
access_log_path: /dev/null
address:
socket_address:
address: 127.0.0.1
port_value: {{ .Ports.ServerAdmin }}
{{ .Vars.StatsConfig }}
dynamic_resources:
ads_config:
api_type: DELTA_GRPC
transport_api_version: V3
grpc_services:
- envoy_grpc:
cluster_name: xds_cluster
cds_config:
ads: {}
resource_api_version: V3
lds_config:
ads: {}
resource_api_version: V3
static_resources:
clusters:
- connect_timeout: 5s
load_assignment:
cluster_name: xds_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: {{ .Ports.XDSPort }}
http2_protocol_options: {}
name: xds_cluster
- name: server-inbound-cluster
connect_timeout: 5s
type: STATIC
{{- if eq .Vars.UsingGrpcBackend "true" }}
http2_protocol_options: {}
{{- end }}
{{- if ne .Vars.ElideServerMetadata "true" }}
metadata:
filter_metadata:
istio:
services:
- host: server.default.svc.cluster.local
name: server
namespace: default
{{- end }}
load_assignment:
cluster_name: server-inbound-cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.3
port_value: {{ .Ports.BackendPort }}
{{ .Vars.ServerStaticCluster | indent 2 }}
{{- if ne .Vars.DisableDirectResponse "true" }}
listeners:
- name: staticreply
address:
socket_address:
address: 127.0.0.3
port_value: {{ .Ports.BackendPort }}
filter_chains:
- filters:
- name: http
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: staticreply
codec_type: AUTO
route_config:
name: staticreply
virtual_hosts:
- name: staticreply
domains: ["*"]
routes:
- match:
prefix: "/"
direct_response:
{{- if .Vars.DirectResponseCode }}
status: {{ .Vars.DirectResponseCode }}
{{- else }}
status: 200
{{- end }}
body:
inline_string: "hello, world!"
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
{{- end }}
bootstrap_extensions:
- name: envoy.bootstrap.internal_listener
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/envoy.extensions.bootstrap.internal_listener.v3.InternalListener
{{- if eq .Vars.EnableMetadataDiscovery "true" }}
- name: metadata_discovery
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/istio.workload.BootstrapExtension
value:
config_source:
ads: {}
{{- end }}
`)
func bootstrapServerYamlTmplBytes() ([]byte, error) {
return _bootstrapServerYamlTmpl, nil
}
func bootstrapServerYamlTmpl() (*asset, error) {
bytes, err := bootstrapServerYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "bootstrap/server.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _bootstrapStatsYamlTmpl = []byte(`stats_config:
use_all_default_tags: true
stats_tags:
- tag_name: "reporter"
regex: "(reporter=\\.=(.*?);\\.;)"
- tag_name: "source_namespace"
regex: "(source_namespace=\\.=(.*?);\\.;)"
- tag_name: "source_workload"
regex: "(source_workload=\\.=(.*?);\\.;)"
- tag_name: "source_canonical_service"
regex: "(source_canonical_service=\\.=(.*?);\\.;)"
- tag_name: "source_canonical_revision"
regex: "(source_canonical_revision=\\.=(.*?);\\.;)"
- tag_name: "source_workload_namespace"
regex: "(source_workload_namespace=\\.=(.*?);\\.;)"
- tag_name: "source_principal"
regex: "(source_principal=\\.=(.*?);\\.;)"
- tag_name: "source_app"
regex: "(source_app=\\.=(.*?);\\.;)"
- tag_name: "source_version"
regex: "(source_version=\\.=(.*?);\\.;)"
- tag_name: "destination_namespace"
regex: "(destination_namespace=\\.=(.*?);\\.;)"
- tag_name: "source_cluster"
regex: "(source_cluster=\\.=(.*?);\\.;)"
- tag_name: "destination_workload"
regex: "(destination_workload=\\.=(.*?);\\.;)"
- tag_name: "destination_workload_namespace"
regex: "(destination_workload_namespace=\\.=(.*?);\\.;)"
- tag_name: "destination_principal"
regex: "(destination_principal=\\.=(.*?);\\.;)"
- tag_name: "destination_app"
regex: "(destination_app=\\.=(.*?);\\.;)"
- tag_name: "destination_version"
regex: "(destination_version=\\.=(.*?);\\.;)"
- tag_name: "destination_service"
regex: "(destination_service=\\.=(.*?);\\.;)"
- tag_name: "destination_canonical_service"
regex: "(destination_canonical_service=\\.=(.*?);\\.;)"
- tag_name: "destination_canonical_revision"
regex: "(destination_canonical_revision=\\.=(.*?);\\.;)"
- tag_name: "destination_service_name"
regex: "(destination_service_name=\\.=(.*?);\\.;)"
- tag_name: "destination_service_namespace"
regex: "(destination_service_namespace=\\.=(.*?);\\.;)"
- tag_name: "destination_cluster"
regex: "(destination_cluster=\\.=(.*?);\\.;)"
- tag_name: "request_protocol"
regex: "(request_protocol=\\.=(.*?);\\.;)"
- tag_name: "response_code"
regex: "(response_code=\\.=(.*?);\\.;)|_rq(_(\\.d{3}))$"
- tag_name: "grpc_response_status"
regex: "(grpc_response_status=\\.=(.*?);\\.;)"
- tag_name: "response_flags"
regex: "(response_flags=\\.=(.*?);\\.;)"
- tag_name: "connection_security_policy"
regex: "(connection_security_policy=\\.=(.*?);\\.;)"
# Extra regexes used for configurable metrics
- tag_name: "configurable_metric_a"
regex: "(configurable_metric_a=\\.=(.*?);\\.;)"
- tag_name: "configurable_metric_b"
regex: "(configurable_metric_b=\\.=(.*?);\\.;)"
- tag_name: "route_name"
regex: "(route_name=\\.=(.*?);\\.;)"
# Internal monitoring
- tag_name: "cache"
regex: "(cache\\.(.*?)\\.)"
- tag_name: "component"
regex: "(component\\.(.*?)\\.)"
- tag_name: "tag"
regex: "(tag\\.(.*?);\\.)"
- tag_name: "wasm_filter"
regex: "(wasm_filter\\.(.*?)\\.)"
`)
func bootstrapStatsYamlTmplBytes() ([]byte, error) {
return _bootstrapStatsYamlTmpl, nil
}
func bootstrapStatsYamlTmpl() (*asset, error) {
bytes, err := bootstrapStatsYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "bootstrap/stats.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _bootstrapStats_expiryYamlTmpl = []byte(`stats_flush_interval: 1s
stats_eviction_interval: 1s
`)
func bootstrapStats_expiryYamlTmplBytes() ([]byte, error) {
return _bootstrapStats_expiryYamlTmpl, nil
}
func bootstrapStats_expiryYamlTmpl() (*asset, error) {
bytes, err := bootstrapStats_expiryYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "bootstrap/stats_expiry.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _listenerClientYamlTmpl = []byte(`{{- if ne .Vars.ClientListeners "" }}
{{ .Vars.ClientListeners }}
{{- else }}
name: client
traffic_direction: OUTBOUND
address:
socket_address:
address: 127.0.0.1
port_value: {{ .Ports.ClientPort }}
filter_chains:
- filters:
- name: http
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
codec_type: AUTO
stat_prefix: client
{{ .Vars.ClientHTTPAccessLogs | fill | indent 6 }}
http_filters:
{{ .Vars.ClientHTTPFilters | fill | indent 6 }}
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
route_config:
name: client
virtual_hosts:
- name: client
domains: ["*"]
routes:
- name: client_route
match: { prefix: / }
route:
{{- if .Vars.ServerClusterName }}
cluster: {{ .Vars.ServerClusterName}}
{{- else }}
cluster: server-outbound-cluster
{{- end }}
timeout: 0s
{{- end }}
`)
func listenerClientYamlTmplBytes() ([]byte, error) {
return _listenerClientYamlTmpl, nil
}
func listenerClientYamlTmpl() (*asset, error) {
bytes, err := listenerClientYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "listener/client.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _listenerClient_passthroughYamlTmpl = []byte(`name: client
traffic_direction: OUTBOUND
address:
socket_address:
address: 127.0.0.1
port_value: {{ .Ports.ClientPort }}
filter_chains:
- filters:
- name: http
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
codec_type: AUTO
stat_prefix: client
http_filters:
- name: connect_authority
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/envoy.extensions.filters.http.set_filter_state.v3.Config
value:
on_request_headers:
- object_key: envoy.filters.listener.original_dst.local_ip
format_string:
text_format_source:
inline_string: "%REQ(:AUTHORITY)%"
omit_empty_values: true
shared_with_upstream: ONCE
skip_if_empty: true
- object_key: envoy.filters.listener.original_dst.remote_ip
format_string:
text_format_source:
inline_string: "%DOWNSTREAM_REMOTE_ADDRESS%"
shared_with_upstream: ONCE
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
route_config:
name: client
virtual_hosts:
- name: client
domains: ["*"]
routes:
- name: client_route
match: { prefix: / }
route:
cluster: tcp_passthrough
timeout: 0s
`)
func listenerClient_passthroughYamlTmplBytes() ([]byte, error) {
return _listenerClient_passthroughYamlTmpl, nil
}
func listenerClient_passthroughYamlTmpl() (*asset, error) {
bytes, err := listenerClient_passthroughYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "listener/client_passthrough.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _listenerInternal_outboundYamlTmpl = []byte(`name: internal_outbound
internal_listener: {}
listener_filters:
- name: set_dst_address
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/envoy.extensions.filters.listener.original_dst.v3.OriginalDst
filter_chains:
- filters:
- name: tcp_proxy
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: original_dst
tunneling_config:
hostname: "%DOWNSTREAM_LOCAL_ADDRESS%"
stat_prefix: outbound
`)
func listenerInternal_outboundYamlTmplBytes() ([]byte, error) {
return _listenerInternal_outboundYamlTmpl, nil
}
func listenerInternal_outboundYamlTmpl() (*asset, error) {
bytes, err := listenerInternal_outboundYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "listener/internal_outbound.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _listenerServerYamlTmpl = []byte(`{{- if ne .Vars.ServerListeners "" }}
{{ .Vars.ServerListeners }}
{{- else }}
{{- if ne .Vars.ServerInternalAddress "" }}
name: {{ .Vars.ServerInternalAddress }}
{{- else }}
name: server
{{- end }}
traffic_direction: INBOUND
{{- if ne .Vars.ServerInternalAddress "" }}
internal_listener: {}
{{- else }}
address:
socket_address:
address: 127.0.0.2
port_value: {{ .Ports.ServerPort }}
{{- end }}
filter_chains:
- filters:
{{ .Vars.ServerNetworkFilters | fill | indent 2 }}
- name: http
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
codec_type: AUTO
stat_prefix: server
{{ .Vars.ServerHTTPAccessLogs | fill | indent 6 }}
http_filters:
{{ .Vars.ServerHTTPFilters | fill | indent 6 }}
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
route_config:
name: server
virtual_hosts:
- name: server
domains: ["*"]
routes:
- name: server_route
match: { prefix: / }
route:
cluster: server-inbound-cluster
timeout: 0s
{{ .Vars.ServerRouteRateLimits | fill | indent 14 }}
{{ .Vars.ServerTLSContext | indent 2 }}
{{- end }}
`)
func listenerServerYamlTmplBytes() ([]byte, error) {
return _listenerServerYamlTmpl, nil
}
func listenerServerYamlTmpl() (*asset, error) {
bytes, err := listenerServerYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "listener/server.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _listenerTcp_clientYamlTmpl = []byte(`name: client
traffic_direction: OUTBOUND
address:
socket_address:
address: 127.0.0.1
port_value: {{ .Ports.ClientPort }}
listener_filters:
- name: "envoy.filters.listener.tls_inspector"
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- name: "envoy.filters.listener.http_inspector"
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.listener.http_inspector.v3.HttpInspector
filter_chains:
- filters:
{{ .Vars.ClientNetworkFilters | fill | indent 2 }}
- name: tcp_proxy
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
value:
stat_prefix: outbound_tcp
{{- if .Vars.ServerClusterName }}
cluster: {{ .Vars.ServerClusterName}}
{{- else }}
cluster: outbound|9080|tcp|server.default.svc.cluster.local
{{- end }}
`)
func listenerTcp_clientYamlTmplBytes() ([]byte, error) {
return _listenerTcp_clientYamlTmpl, nil
}
func listenerTcp_clientYamlTmpl() (*asset, error) {
bytes, err := listenerTcp_clientYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "listener/tcp_client.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _listenerTcp_passthroughYamlTmpl = []byte(`name: tcp_passthrough
internal_listener: {}
listener_filters:
- name: set_dst_address
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/envoy.extensions.filters.listener.original_dst.v3.OriginalDst
filter_chains:
- filters:
- name: connect_authority
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/envoy.extensions.filters.network.set_filter_state.v3.Config
value:
on_new_connection:
- object_key: envoy.filters.listener.original_dst.local_ip
format_string:
text_format_source:
inline_string: "%FILTER_STATE(envoy.filters.listener.original_dst.local_ip:PLAIN)%"
shared_with_upstream: ONCE
- name: tcp_proxy
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: internal_outbound
stat_prefix: tcp_passthrough
`)
func listenerTcp_passthroughYamlTmplBytes() ([]byte, error) {
return _listenerTcp_passthroughYamlTmpl, nil
}
func listenerTcp_passthroughYamlTmpl() (*asset, error) {
bytes, err := listenerTcp_passthroughYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "listener/tcp_passthrough.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _listenerTcp_serverYamlTmpl = []byte(`name: server
traffic_direction: INBOUND
address:
socket_address:
address: 127.0.0.2
port_value: {{ .Ports.ServerPort }}
listener_filters:
- name: "envoy.filters.listener.tls_inspector"
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- name: "envoy.filters.listener.http_inspector"
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.listener.http_inspector.v3.HttpInspector
filter_chains:
- filters:
{{ .Vars.ServerNetworkFilters | fill | indent 2 }}
- name: tcp_proxy
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
value:
stat_prefix: inbound_tcp
cluster: inbound|9080|tcp|server.default.svc.cluster.local
{{ .Vars.ServerListenerTLSContext | indent 2 }}
`)
func listenerTcp_serverYamlTmplBytes() ([]byte, error) {
return _listenerTcp_serverYamlTmpl, nil
}
func listenerTcp_serverYamlTmpl() (*asset, error) {
bytes, err := listenerTcp_serverYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "listener/tcp_server.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _listenerTcp_waypoint_serverYamlTmpl = []byte(`{{- if ne .Vars.ServerListeners "" }}
{{ .Vars.ServerListeners }}
{{- else }}
{{- if ne .Vars.ServerInternalAddress "" }}
name: {{ .Vars.ServerInternalAddress }}
{{- else }}
name: server
{{- end }}
traffic_direction: INBOUND
{{- if ne .Vars.ServerInternalAddress "" }}
internal_listener: {}
{{- else }}
address:
socket_address:
address: 127.0.0.2
port_value: {{ .Ports.ServerPort }}
{{- end }}
filter_chains:
- filters:
{{ .Vars.ServerNetworkFilters | fill | indent 2 }}
- name: tcp_proxy
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
value:
stat_prefix: server_inbound_tcp
cluster: server-inbound-cluster
{{ .Vars.ServerListenerTLSContext | indent 2 }}
{{- end }}
`)
func listenerTcp_waypoint_serverYamlTmplBytes() ([]byte, error) {
return _listenerTcp_waypoint_serverYamlTmpl, nil
}
func listenerTcp_waypoint_serverYamlTmpl() (*asset, error) {
bytes, err := listenerTcp_waypoint_serverYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "listener/tcp_waypoint_server.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
var _listenerTerminate_connectYamlTmpl = []byte(`name: terminate_connect
address:
socket_address:
{{ if eq .Vars.quic "true" }}
protocol: UDP
{{ end }}
address: 127.0.0.2
port_value: {{ .Ports.ServerTunnelPort }}
{{ if eq .Vars.quic "true" }}
udp_listener_config:
quic_options: {}
downstream_socket_config:
prefer_gro: true
{{ end }}
filter_chains:
- filters:
# Capture SSL info for the internal listener passthrough
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: terminate_connect
{{ if eq .Vars.quic "true" }}
codec_type: HTTP3
{{ end }}
route_config:
name: local_route
virtual_hosts:
- name: local_service
domains:
- "*"
routes:
- match:
connect_matcher:
{}
route:
cluster: internal_inbound
upgrade_configs:
- upgrade_type: CONNECT
connect_config:
{}
http_filters:
{{ if eq .Vars.quic "true" }}
# TODO: accessing uriSanPeerCertificates() triggers a crash in quiche version.
{{ else }}
- name: authn
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/envoy.extensions.filters.http.set_filter_state.v3.Config
value:
on_request_headers:
- object_key: io.istio.peer_principal
factory_key: envoy.string
format_string:
text_format_source:
inline_string: "%DOWNSTREAM_PEER_URI_SAN%"
shared_with_upstream: ONCE
- object_key: io.istio.local_principal
factory_key: envoy.string
format_string:
text_format_source:
inline_string: "%DOWNSTREAM_LOCAL_URI_SAN%"
shared_with_upstream: ONCE
{{ end }}
- name: peer_metadata
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/io.istio.http.peer_metadata.Config
value:
downstream_discovery:
- workload_discovery: {}
shared_with_upstream: true
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
http2_protocol_options:
allow_connect: true
upgrade_configs:
- upgrade_type: CONNECT
transport_socket:
{{ if eq .Vars.quic "true" }}
name: quic
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/envoy.extensions.transport_sockets.quic.v3.QuicDownstreamTransport
value:
downstream_tls_context:
common_tls_context:
tls_certificate_sds_secret_configs:
name: server
sds_config:
api_config_source:
api_type: GRPC
grpc_services:
- envoy_grpc:
cluster_name: xds_cluster
set_node_on_first_message_only: true
transport_api_version: V3
resource_api_version: V3
validation_context:
trusted_ca: { filename: "testdata/certs/root.cert" }
# require_client_certificate: true # XXX: This setting is ignored ATM per @danzh.
{{ else }}
name: tls
typed_config:
"@type": type.googleapis.com/udpa.type.v1.TypedStruct
type_url: envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext
value:
common_tls_context:
tls_certificate_sds_secret_configs:
name: server
sds_config:
api_config_source:
api_type: GRPC
grpc_services:
- envoy_grpc:
cluster_name: xds_cluster
set_node_on_first_message_only: true
transport_api_version: V3
resource_api_version: V3
validation_context:
trusted_ca: { filename: "testdata/certs/root.cert" }
require_client_certificate: true
{{ end }}
`)
func listenerTerminate_connectYamlTmplBytes() ([]byte, error) {
return _listenerTerminate_connectYamlTmpl, nil
}
func listenerTerminate_connectYamlTmpl() (*asset, error) {
bytes, err := listenerTerminate_connectYamlTmplBytes()
if err != nil {
return nil, err
}
info := bindataFileInfo{name: "listener/terminate_connect.yaml.tmpl", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
// Asset loads and returns the asset for the given name.
// It returns an error if the asset could not be found or
// could not be loaded.
func Asset(name string) ([]byte, error) {
cannonicalName := strings.Replace(name, "\\", "/", -1)
if f, ok := _bindata[cannonicalName]; ok {
a, err := f()
if err != nil {
return nil, fmt.Errorf("Asset %s can't read by error: %v", name, err)
}
return a.bytes, nil
}
return nil, fmt.Errorf("Asset %s not found", name)
}
// MustAsset is like Asset but panics when Asset would return an error.
// It simplifies safe initialization of global variables.
func MustAsset(name string) []byte {
a, err := Asset(name)
if err != nil {
panic("asset: Asset(" + name + "): " + err.Error())
}
return a
}
// AssetInfo loads and returns the asset info for the given name.
// It returns an error if the asset could not be found or
// could not be loaded.
func AssetInfo(name string) (os.FileInfo, error) {
cannonicalName := strings.Replace(name, "\\", "/", -1)
if f, ok := _bindata[cannonicalName]; ok {
a, err := f()
if err != nil {
return nil, fmt.Errorf("AssetInfo %s can't read by error: %v", name, err)
}
return a.info, nil
}
return nil, fmt.Errorf("AssetInfo %s not found", name)
}
// AssetNames returns the names of the assets.
func AssetNames() []string {
names := make([]string, 0, len(_bindata))
for name := range _bindata {
names = append(names, name)
}
return names
}
// _bindata is a table, holding each asset generator, mapped to its name.
var _bindata = map[string]func() (*asset, error){
"bootstrap/client.yaml.tmpl": bootstrapClientYamlTmpl,
"bootstrap/client_cluster_metadata_precedence.yaml.tmpl": bootstrapClient_cluster_metadata_precedenceYamlTmpl,
"bootstrap/otel_stats.yaml.tmpl": bootstrapOtel_statsYamlTmpl,
"bootstrap/server.yaml.tmpl": bootstrapServerYamlTmpl,
"bootstrap/stats.yaml.tmpl": bootstrapStatsYamlTmpl,
"bootstrap/stats_expiry.yaml.tmpl": bootstrapStats_expiryYamlTmpl,
"listener/client.yaml.tmpl": listenerClientYamlTmpl,
"listener/client_passthrough.yaml.tmpl": listenerClient_passthroughYamlTmpl,
"listener/internal_outbound.yaml.tmpl": listenerInternal_outboundYamlTmpl,
"listener/server.yaml.tmpl": listenerServerYamlTmpl,
"listener/tcp_client.yaml.tmpl": listenerTcp_clientYamlTmpl,
"listener/tcp_passthrough.yaml.tmpl": listenerTcp_passthroughYamlTmpl,
"listener/tcp_server.yaml.tmpl": listenerTcp_serverYamlTmpl,
"listener/tcp_waypoint_server.yaml.tmpl": listenerTcp_waypoint_serverYamlTmpl,
"listener/terminate_connect.yaml.tmpl": listenerTerminate_connectYamlTmpl,
}
// AssetDir returns the file names below a certain
// directory embedded in the file by go-bindata.
// For example if you run go-bindata on data/... and data contains the
// following hierarchy:
// data/
// foo.txt
// img/
// a.png
// b.png
// then AssetDir("data") would return []string{"foo.txt", "img"}
// AssetDir("data/img") would return []string{"a.png", "b.png"}
// AssetDir("foo.txt") and AssetDir("notexist") would return an error
// AssetDir("") will return []string{"data"}.
func AssetDir(name string) ([]string, error) {
node := _bintree
if len(name) != 0 {
cannonicalName := strings.Replace(name, "\\", "/", -1)
pathList := strings.Split(cannonicalName, "/")
for _, p := range pathList {
node = node.Children[p]
if node == nil {
return nil, fmt.Errorf("Asset %s not found", name)
}
}
}
if node.Func != nil {
return nil, fmt.Errorf("Asset %s not found", name)
}
rv := make([]string, 0, len(node.Children))
for childName := range node.Children {
rv = append(rv, childName)
}
return rv, nil
}
type bintree struct {
Func func() (*asset, error)
Children map[string]*bintree
}
var _bintree = &bintree{nil, map[string]*bintree{
"bootstrap": &bintree{nil, map[string]*bintree{
"client.yaml.tmpl": &bintree{bootstrapClientYamlTmpl, map[string]*bintree{}},
"client_cluster_metadata_precedence.yaml.tmpl": &bintree{bootstrapClient_cluster_metadata_precedenceYamlTmpl, map[string]*bintree{}},
"otel_stats.yaml.tmpl": &bintree{bootstrapOtel_statsYamlTmpl, map[string]*bintree{}},
"server.yaml.tmpl": &bintree{bootstrapServerYamlTmpl, map[string]*bintree{}},
"stats.yaml.tmpl": &bintree{bootstrapStatsYamlTmpl, map[string]*bintree{}},
"stats_expiry.yaml.tmpl": &bintree{bootstrapStats_expiryYamlTmpl, map[string]*bintree{}},
}},
"listener": &bintree{nil, map[string]*bintree{
"client.yaml.tmpl": &bintree{listenerClientYamlTmpl, map[string]*bintree{}},
"client_passthrough.yaml.tmpl": &bintree{listenerClient_passthroughYamlTmpl, map[string]*bintree{}},
"internal_outbound.yaml.tmpl": &bintree{listenerInternal_outboundYamlTmpl, map[string]*bintree{}},
"server.yaml.tmpl": &bintree{listenerServerYamlTmpl, map[string]*bintree{}},
"tcp_client.yaml.tmpl": &bintree{listenerTcp_clientYamlTmpl, map[string]*bintree{}},
"tcp_passthrough.yaml.tmpl": &bintree{listenerTcp_passthroughYamlTmpl, map[string]*bintree{}},
"tcp_server.yaml.tmpl": &bintree{listenerTcp_serverYamlTmpl, map[string]*bintree{}},
"tcp_waypoint_server.yaml.tmpl": &bintree{listenerTcp_waypoint_serverYamlTmpl, map[string]*bintree{}},
"terminate_connect.yaml.tmpl": &bintree{listenerTerminate_connectYamlTmpl, map[string]*bintree{}},
}},
}}
// RestoreAsset restores an asset under the given directory
func RestoreAsset(dir, name string) error {
data, err := Asset(name)
if err != nil {
return err
}
info, err := AssetInfo(name)
if err != nil {
return err
}
err = os.MkdirAll(_filePath(dir, filepath.Dir(name)), os.FileMode(0755))
if err != nil {
return err
}
err = ioutil.WriteFile(_filePath(dir, name), data, info.Mode())
if err != nil {
return err
}
err = os.Chtimes(_filePath(dir, name), info.ModTime(), info.ModTime())
if err != nil {
return err
}
return nil
}
// RestoreAssets restores an asset under the given directory recursively
func RestoreAssets(dir, name string) error {
children, err := AssetDir(name)
// File
if err != nil {
return RestoreAsset(dir, name)
}
// Dir
for _, child := range children {
err = RestoreAssets(dir, filepath.Join(name, child))
if err != nil {
return err
}
}
return nil
}
func _filePath(dir, name string) string {
cannonicalName := strings.Replace(name, "\\", "/", -1)
return filepath.Join(append([]string{dir}, strings.Split(cannonicalName, "/")...)...)
}
Reference in New Issue View Git Blame Copy Permalink