expose.envoy

Simplest configuration:

[expose#0]
type = envoy
port = foo
svcmgr -s <svcname> set --kw expose#0.type=envoy --kw expose#0.port=foo

cluster_certificates

scopable True
required False
provisioning False
default None
inheritance leaf > head
scope order specific > generic
convert list

The TLS certificates used to communicate with cluster endpoints.

cluster_private_key_filename

scopable True
required False
provisioning False
default None
inheritance leaf > head
scope order specific > generic

Local filesystem data source of the TLS private key used to communicate with cluster endpoints.

gateway

scopable True
required False
provisioning False
default None
inheritance leaf > head
scope order specific > generic

The name of the ingress gateway that should handle this expose.

lb_policy

scopable True
required False
provisioning False
default round robin
inheritance leaf > head
scope order specific > generic
candidates round robin | least_request | ring_hash | random | original_dst_lb | maglev

The name of the envoy cluster load balancing policy.

listener_addr

scopable True
required False
provisioning False
default The main proxy ip address.
inheritance leaf > head
scope order specific > generic

The public ip address to expose from.

listener_certificates

scopable True
required False
provisioning False
default None
inheritance leaf > head
scope order specific > generic
convert list

The TLS certificates used by the listener.

listener_port

scopable True
required False
provisioning False
default The expose <port>.
inheritance leaf > head
scope order specific > generic
convert integer

The public port number to expose from. The special value 0 is interpreted as a request for auto-allocation.

port

scopable True
required True
provisioning False
default None
inheritance leaf > head
scope order specific > generic
convert integer

The port number of the endpoint.

protocol

scopable True
required False
provisioning False
default tcp
inheritance leaf > head
scope order specific > generic
candidates tcp | udp

The protocol of the endpoint.

sni

scopable True
required False
provisioning False
default None
inheritance leaf > head
scope order specific > generic
convert list

The SNI server names to match on the proxy to select this service endpoints. The socket server must support TLS.

vhosts

scopable True
required False
provisioning False
default None
inheritance leaf > head
scope order specific > generic
convert list

The list of vhost resource identifiers for this expose.