expose.envoy¶
Simplest configuration:
[expose#0]
type = envoy
port = foo
svcmgr -s <svcname> set --kw expose#0.type=envoy --kw expose#0.port=foo
cluster_certificates¶
| scopable | True |
| required | False |
| provisioning | False |
| default | None |
| inheritance | leaf > head |
| scope order | specific > generic |
| convert | list |
The TLS certificates used to communicate with cluster endpoints.
cluster_data¶
| scopable | True |
| required | False |
| provisioning | False |
| default | None |
| inheritance | leaf > head |
| scope order | specific > generic |
| convert | json |
The envoy protocol compliant data in json format used to bootstrap the Cluster config messages. Parts of this structure, like endpoints, are amended to reflect the actual cluster state.
cluster_private_key_filename¶
| scopable | True |
| required | False |
| provisioning | False |
| default | None |
| inheritance | leaf > head |
| scope order | specific > generic |
Local filesystem data source of the TLS private key used to communicate with cluster endpoints.
filter_config_data¶
| scopable | True |
| required | False |
| provisioning | False |
| default | None |
| inheritance | leaf > head |
| scope order | specific > generic |
| convert | json |
The envoy protocol compliant data in json format used to bootstrap the Listener filter config messages. Parts of this structure, like routes, are amended by more specific keywords.
gateway¶
| scopable | True |
| required | False |
| provisioning | False |
| default | None |
| inheritance | leaf > head |
| scope order | specific > generic |
The name of the ingress gateway that should handle this expose.
lb_policy¶
| scopable | True |
| required | False |
| provisioning | False |
| default | round robin |
| inheritance | leaf > head |
| scope order | specific > generic |
| candidates | round robin | least_request | ring_hash | random | original_dst_lb | maglev |
The name of the envoy cluster load balancing policy.
listener_addr¶
| scopable | True |
| required | False |
| provisioning | False |
| default | The main proxy ip address. |
| inheritance | leaf > head |
| scope order | specific > generic |
The public ip address to expose from.
listener_certificates¶
| scopable | True |
| required | False |
| provisioning | False |
| default | None |
| inheritance | leaf > head |
| scope order | specific > generic |
| convert | list |
The TLS certificates used by the listener.
listener_port¶
| scopable | True |
| required | False |
| provisioning | False |
| default | The expose <port>. |
| inheritance | leaf > head |
| scope order | specific > generic |
| convert | integer |
The public port number to expose from. The special value 0 is interpreted as a request for auto-allocation.
port¶
| scopable | True |
| required | True |
| provisioning | False |
| default | None |
| inheritance | leaf > head |
| scope order | specific > generic |
| convert | integer |
The port number of the endpoint.
protocol¶
| scopable | True |
| required | False |
| provisioning | False |
| default | tcp |
| inheritance | leaf > head |
| scope order | specific > generic |
| candidates | tcp | udp |
The protocol of the endpoint.
sni¶
| scopable | True |
| required | False |
| provisioning | False |
| default | None |
| inheritance | leaf > head |
| scope order | specific > generic |
| convert | list |
The SNI server names to match on the proxy to select this service endpoints. The socket server must support TLS.
vhosts¶
| scopable | True |
| required | False |
| provisioning | False |
| default | None |
| inheritance | leaf > head |
| scope order | specific > generic |
| convert | list |
The list of vhost resource identifiers for this expose.