expose.envoy ************ .. include:: template.service.expose.envoy.example .. _expose.envoy.cluster_certificates: :kw:`cluster_certificates` ========================== ================= ================================================================ **scopable** True **required** False **provisioning** False **default** None **inheritance** leaf > head **scope order** specific > generic **convert** list ================= ================================================================ The TLS certificates used to communicate with cluster endpoints. .. _expose.envoy.cluster_data: :kw:`cluster_data` ================== ================= ================================================================ **scopable** True **required** False **provisioning** False **default** None **inheritance** leaf > head **scope order** specific > generic **convert** json ================= ================================================================ The envoy protocol compliant data in json format used to bootstrap the Cluster config messages. Parts of this structure, like endpoints, are amended to reflect the actual cluster state. .. _expose.envoy.cluster_private_key_filename: :kw:`cluster_private_key_filename` ================================== ================= ================================================================ **scopable** True **required** False **provisioning** False **default** None **inheritance** leaf > head **scope order** specific > generic ================= ================================================================ Local filesystem data source of the TLS private key used to communicate with cluster endpoints. .. _expose.envoy.filter_config_data: :kw:`filter_config_data` ======================== ================= ================================================================ **scopable** True **required** False **provisioning** False **default** None **inheritance** leaf > head **scope order** specific > generic **convert** json ================= ================================================================ The envoy protocol compliant data in json format used to bootstrap the Listener filter config messages. Parts of this structure, like routes, are amended by more specific keywords. .. _expose.envoy.gateway: :kw:`gateway` ============= ================= ================================================================ **scopable** True **required** False **provisioning** False **default** None **inheritance** leaf > head **scope order** specific > generic ================= ================================================================ The name of the ingress gateway that should handle this expose. .. _expose.envoy.lb_policy: :kw:`lb_policy` =============== ================= ================================================================ **scopable** True **required** False **provisioning** False **default** round robin **inheritance** leaf > head **scope order** specific > generic **candidates** round robin | least_request | ring_hash | random | original_dst_lb | maglev ================= ================================================================ The name of the envoy cluster load balancing policy. .. _expose.envoy.listener_addr: :kw:`listener_addr` =================== ================= ================================================================ **scopable** True **required** False **provisioning** False **default** The main proxy ip address. **inheritance** leaf > head **scope order** specific > generic ================= ================================================================ The public ip address to expose from. .. _expose.envoy.listener_certificates: :kw:`listener_certificates` =========================== ================= ================================================================ **scopable** True **required** False **provisioning** False **default** None **inheritance** leaf > head **scope order** specific > generic **convert** list ================= ================================================================ The TLS certificates used by the listener. .. _expose.envoy.listener_port: :kw:`listener_port` =================== ================= ================================================================ **scopable** True **required** False **provisioning** False **default** The expose . **inheritance** leaf > head **scope order** specific > generic **convert** integer ================= ================================================================ The public port number to expose from. The special value 0 is interpreted as a request for auto-allocation. .. _expose.envoy.port: :kw:`port` ========== ================= ================================================================ **scopable** True **required** True **provisioning** False **default** None **inheritance** leaf > head **scope order** specific > generic **convert** integer ================= ================================================================ The port number of the endpoint. .. _expose.envoy.protocol: :kw:`protocol` ============== ================= ================================================================ **scopable** True **required** False **provisioning** False **default** tcp **inheritance** leaf > head **scope order** specific > generic **candidates** tcp | udp ================= ================================================================ The protocol of the endpoint. .. _expose.envoy.sni: :kw:`sni` ========= ================= ================================================================ **scopable** True **required** False **provisioning** False **default** None **inheritance** leaf > head **scope order** specific > generic **convert** list ================= ================================================================ The SNI server names to match on the proxy to select this service endpoints. The socket server must support TLS. .. _expose.envoy.vhosts: :kw:`vhosts` ============ ================= ================================================================ **scopable** True **required** False **provisioning** False **default** None **inheritance** leaf > head **scope order** specific > generic **convert** list ================= ================================================================ The list of vhost resource identifiers for this expose. .. _expose.envoy.comment: :kw:`comment` ============= ================= ================================================================ **scopable** False **required** False **provisioning** False **default** **inheritance** leaf > head **scope order** specific > generic ================= ================================================================ Helps users understand the role of the service and resources, which is nice to on-call support people having to operate on a service they are not usually responsible for.