mirror of
https://github.com/status-im/consul.git
synced 2025-01-28 06:25:25 +00:00
69f40df548
* feat(ingress gateway: support configuring limits in ingress-gateway config entry - a new Defaults field with max_connections, max_pending_connections, max_requests is added to ingress gateway config entry - new field max_connections, max_pending_connections, max_requests in individual services to overwrite the value in Default - added unit test and integration test - updated doc Co-authored-by: Chris S. Kim <ckim@hashicorp.com> Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> Co-authored-by: Dan Stough <dan.stough@hashicorp.com>
407 lines
10 KiB
Protocol Buffer
407 lines
10 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
package hashicorp.consul.internal.configentry;
|
|
|
|
import "google/protobuf/duration.proto";
|
|
import "google/protobuf/timestamp.proto";
|
|
import "proto/pbcommon/common.proto";
|
|
|
|
enum Kind {
|
|
KindUnknown = 0;
|
|
KindMeshConfig = 1;
|
|
KindServiceResolver = 2;
|
|
KindIngressGateway = 3;
|
|
KindServiceIntentions = 4;
|
|
}
|
|
|
|
message ConfigEntry {
|
|
Kind Kind = 1;
|
|
string Name = 2;
|
|
|
|
common.EnterpriseMeta EnterpriseMeta = 3;
|
|
common.RaftIndex RaftIndex = 4;
|
|
|
|
oneof Entry {
|
|
MeshConfig MeshConfig = 5;
|
|
ServiceResolver ServiceResolver = 6;
|
|
IngressGateway IngressGateway = 7;
|
|
ServiceIntentions ServiceIntentions = 8;
|
|
}
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.MeshConfigEntry
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
// ignore-fields=RaftIndex,EnterpriseMeta
|
|
message MeshConfig {
|
|
TransparentProxyMeshConfig TransparentProxy = 1;
|
|
MeshTLSConfig TLS = 2;
|
|
MeshHTTPConfig HTTP = 3;
|
|
map<string, string> Meta = 4;
|
|
PeeringMeshConfig Peering = 5;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.TransparentProxyMeshConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message TransparentProxyMeshConfig {
|
|
bool MeshDestinationsOnly = 1;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.MeshTLSConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message MeshTLSConfig {
|
|
MeshDirectionalTLSConfig Incoming = 1;
|
|
MeshDirectionalTLSConfig Outgoing = 2;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.MeshDirectionalTLSConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message MeshDirectionalTLSConfig {
|
|
// mog: func-from=tlsVersionFromStructs func-to=tlsVersionToStructs
|
|
string TLSMinVersion = 1;
|
|
// mog: func-from=tlsVersionFromStructs func-to=tlsVersionToStructs
|
|
string TLSMaxVersion = 2;
|
|
// mog: func-from=cipherSuitesFromStructs func-to=cipherSuitesToStructs
|
|
repeated string CipherSuites = 3;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.MeshHTTPConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message MeshHTTPConfig {
|
|
bool SanitizeXForwardedClientCert = 1;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.PeeringMeshConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message PeeringMeshConfig {
|
|
bool PeerThroughMeshGateways = 1;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverConfigEntry
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
|
|
message ServiceResolver {
|
|
string DefaultSubset = 1;
|
|
map<string, ServiceResolverSubset> Subsets = 2;
|
|
ServiceResolverRedirect Redirect = 3;
|
|
map<string, ServiceResolverFailover> Failover = 4;
|
|
// mog: func-to=structs.DurationFromProto func-from=structs.DurationToProto
|
|
google.protobuf.Duration ConnectTimeout = 5;
|
|
LoadBalancer LoadBalancer = 6;
|
|
map<string, string> Meta = 7;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverSubset
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message ServiceResolverSubset {
|
|
string Filter = 1;
|
|
bool OnlyPassing = 2;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverRedirect
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message ServiceResolverRedirect {
|
|
string Service = 1;
|
|
string ServiceSubset = 2;
|
|
string Namespace = 3;
|
|
string Partition = 4;
|
|
string Datacenter = 5;
|
|
string Peer = 6;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverFailover
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message ServiceResolverFailover {
|
|
string Service = 1;
|
|
string ServiceSubset = 2;
|
|
string Namespace = 3;
|
|
repeated string Datacenters = 4;
|
|
repeated ServiceResolverFailoverTarget Targets = 5;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverFailoverTarget
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message ServiceResolverFailoverTarget {
|
|
string Service = 1;
|
|
string ServiceSubset = 2;
|
|
string Partition = 3;
|
|
string Namespace = 4;
|
|
string Datacenter = 5;
|
|
string Peer = 6;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.LoadBalancer
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message LoadBalancer {
|
|
string Policy = 1;
|
|
RingHashConfig RingHashConfig = 2;
|
|
LeastRequestConfig LeastRequestConfig = 3;
|
|
repeated HashPolicy HashPolicies = 4;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.RingHashConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message RingHashConfig {
|
|
uint64 MinimumRingSize = 1;
|
|
uint64 MaximumRingSize = 2;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.LeastRequestConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message LeastRequestConfig {
|
|
uint32 ChoiceCount = 1;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.HashPolicy
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message HashPolicy {
|
|
string Field = 1;
|
|
string FieldValue = 2;
|
|
CookieConfig CookieConfig = 3;
|
|
bool SourceIP = 4;
|
|
bool Terminal = 5;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.CookieConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message CookieConfig {
|
|
bool Session = 1;
|
|
// mog: func-to=structs.DurationFromProto func-from=structs.DurationToProto
|
|
google.protobuf.Duration TTL = 2;
|
|
string Path = 3;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.IngressGatewayConfigEntry
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
|
|
message IngressGateway {
|
|
GatewayTLSConfig TLS = 1;
|
|
repeated IngressListener Listeners = 2;
|
|
map<string, string> Meta = 3;
|
|
IngressServiceConfig Defaults = 4;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.IngressServiceConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message IngressServiceConfig {
|
|
uint32 MaxConnections = 1;
|
|
uint32 MaxPendingRequests = 2;
|
|
uint32 MaxConcurrentRequests = 3;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.GatewayTLSConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message GatewayTLSConfig {
|
|
bool Enabled = 1;
|
|
GatewayTLSSDSConfig SDS = 2;
|
|
// mog: func-from=tlsVersionFromStructs func-to=tlsVersionToStructs
|
|
string TLSMinVersion = 3;
|
|
// mog: func-from=tlsVersionFromStructs func-to=tlsVersionToStructs
|
|
string TLSMaxVersion = 4;
|
|
// mog: func-from=cipherSuitesFromStructs func-to=cipherSuitesToStructs
|
|
repeated string CipherSuites = 5;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.GatewayTLSSDSConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message GatewayTLSSDSConfig {
|
|
string ClusterName = 1;
|
|
string CertResource = 2;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.IngressListener
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message IngressListener {
|
|
// mog: func-to=int func-from=int32
|
|
int32 Port = 1;
|
|
string Protocol = 2;
|
|
repeated IngressService Services = 3;
|
|
GatewayTLSConfig TLS = 4;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.IngressService
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message IngressService {
|
|
string Name = 1;
|
|
repeated string Hosts = 2;
|
|
GatewayServiceTLSConfig TLS = 3;
|
|
HTTPHeaderModifiers RequestHeaders = 4;
|
|
HTTPHeaderModifiers ResponseHeaders = 5;
|
|
map<string, string> Meta = 6;
|
|
// mog: func-to=enterpriseMetaToStructs func-from=enterpriseMetaFromStructs
|
|
common.EnterpriseMeta EnterpriseMeta = 7;
|
|
uint32 MaxConnections = 8;
|
|
uint32 MaxPendingRequests = 9;
|
|
uint32 MaxConcurrentRequests = 10;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.GatewayServiceTLSConfig
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message GatewayServiceTLSConfig {
|
|
GatewayTLSSDSConfig SDS = 1;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.HTTPHeaderModifiers
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message HTTPHeaderModifiers {
|
|
map<string, string> Add = 1;
|
|
map<string, string> Set = 2;
|
|
repeated string Remove = 3;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.ServiceIntentionsConfigEntry
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
|
|
message ServiceIntentions {
|
|
repeated SourceIntention Sources = 1;
|
|
map<string, string> Meta = 2;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.SourceIntention
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message SourceIntention {
|
|
string Name = 1;
|
|
// mog: func-to=intentionActionToStructs func-from=intentionActionFromStructs
|
|
IntentionAction Action = 2;
|
|
repeated IntentionPermission Permissions = 3;
|
|
// mog: func-to=int func-from=int32
|
|
int32 Precedence = 4;
|
|
string LegacyID = 5;
|
|
// mog: func-to=intentionSourceTypeToStructs func-from=intentionSourceTypeFromStructs
|
|
IntentionSourceType Type = 6;
|
|
string Description = 7;
|
|
map<string, string> LegacyMeta = 8;
|
|
// mog: func-to=timeToStructs func-from=timeFromStructs
|
|
google.protobuf.Timestamp LegacyCreateTime = 9;
|
|
// mog: func-to=timeToStructs func-from=timeFromStructs
|
|
google.protobuf.Timestamp LegacyUpdateTime = 10;
|
|
// mog: func-to=enterpriseMetaToStructs func-from=enterpriseMetaFromStructs
|
|
common.EnterpriseMeta EnterpriseMeta = 11;
|
|
string Peer = 12;
|
|
}
|
|
|
|
enum IntentionAction {
|
|
Deny = 0;
|
|
Allow = 1;
|
|
}
|
|
|
|
enum IntentionSourceType {
|
|
Consul = 0;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.IntentionPermission
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message IntentionPermission {
|
|
// mog: func-to=intentionActionToStructs func-from=intentionActionFromStructs
|
|
IntentionAction Action = 1;
|
|
IntentionHTTPPermission HTTP = 2;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.IntentionHTTPPermission
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message IntentionHTTPPermission {
|
|
string PathExact = 1;
|
|
string PathPrefix = 2;
|
|
string PathRegex = 3;
|
|
repeated IntentionHTTPHeaderPermission Header = 4;
|
|
repeated string Methods = 5;
|
|
}
|
|
|
|
// mog annotation:
|
|
//
|
|
// target=github.com/hashicorp/consul/agent/structs.IntentionHTTPHeaderPermission
|
|
// output=config_entry.gen.go
|
|
// name=Structs
|
|
message IntentionHTTPHeaderPermission {
|
|
string Name = 1;
|
|
bool Present = 2;
|
|
string Exact = 3;
|
|
string Prefix = 4;
|
|
string Suffix = 5;
|
|
string Regex = 6;
|
|
bool Invert = 7;
|
|
}
|