内容简介:该系列所有笔记可以在系列教程汇总中找到。这里使用的是envoy 1.8.0,对应文档是
说明
该系列所有笔记可以在系列教程汇总中找到。
Envoy(三):envoy设计思路、配置文件和功能特性概览 中给出了envoy配置模板的完整定义,这里将envoy的配置文件完全展开,形成全景式认识。
这里使用的是envoy 1.8.0,对应文档是 1.8.0 。
配置文件概览
{ "node": { "id": "...", "cluster": "...", "metadata": "{...}", "locality": "{...}", "build_version": "..." }, "static_resources": { "listeners": [], "clusters": [], "secrets": [] }, "dynamic_resources": { "lds_config": "{...}", "cds_config": "{...}", "ads_config": "{...}" }, "cluster_manager": { "local_cluster_name": "...", "outlier_detection": "{...}", "upstream_bind_config": "{...}", "load_stats_config": "{...}" }, "hds_config": { "api_type": "...", "cluster_names": [], "grpc_services": [], "refresh_delay": "{...}", "request_timeout": "{...}", "rate_limit_settings": "{...}" }, "flags_path": "...", "stats_sinks": [ { "name": "...", "config": "{...}" } ], "stats_config": { "stats_tags": [], "use_all_default_tags": "{...}", "stats_matcher": "{...}" }, "stats_flush_interval": "{...}", "watchdog": { "miss_timeout": "{...}", "megamiss_timeout": "{...}", "kill_timeout": "{...}", "multikill_timeout": "{...}" }, "tracing": { "http": "{...}" }, "rate_limit_service": { "grpc_service": "{...}" }, "runtime": { "symlink_root": "...", "subdirectory": "...", "override_subdirectory": "..." }, "admin": { "access_log_path": "...", "profile_path": "...", "address": "{...}" }, "overload_manager": { "refresh_interval": "{...}", "resource_monitors": [], "actions": [] } }
node – 节点信息
node
中配置的是envoy的标记信息,是呈现给management server的。 link
{ "id": "...", "cluster": "...", "metadata": "{...}", "locality": { "region": "...", "zone": "...", "sub_zone": "..." }, "build_version": "..." }
id
可以用命令行参数 --service-node
指定, cluster
可以用命令行参数 --service-cluster
指定。
metadata
是自定义的结构,会被原原本本地发送给management server。
static_resources – 静态配置
static_resources
中是静态配置的资源,这里的资源也就是envoy要承担的核心工作,由 listeners
、 clusters
和 secrets
三部分组成。 link
{ "listeners": [], "clusters": [], "secrets": [] }
listeners – 监听器
listener
是envoy要监听的地址:
{ "name": "...", "address": { "socket_address":{ { "protocol": "...", "address": "...", "port_value": "...", "named_port": "...", "resolver_name": "...", "ipv4_compat": "..." } }, "pipe": { "path": "..." } }, "filter_chains": [ { "name": "...", "config": "{...}" } ], "use_original_dst": "BoolValue", "per_connection_buffer_limit_bytes": "UInt32Value", "metadata": "{...}", "drain_type": "DEFAULT/MODIFY_ONLY", "listener_filters": [ { "name": "...", "config": "{...}" } ], "transparent": "BoolValue", "freebind": "BoolValue", "socket_options": [ { "description": "...", "level": "...", "name": "...", "int_value": "...", "buf_value": "...", "state": "..." } ], "tcp_fast_open_queue_length": "UInt32Value" "bugfix_reverse_write_filter_order": "BoolValue" }
name
是listener的名字,不能重复。
address
有 socket
(对应socket_address)和 unix socket
(对应pipe)两种类型。
filter_chains
是为了listener配置的插件,1.8.0提供了下面这些插件, link
:
envoy.client_ssl_auth envoy.echo envoy.http_connection_manager envoy.mongo_proxy envoy.ratelimit envoy.redis_proxy envoy.tcp_proxy
上面列出的就是插件的名字,是 name
字段的可用值, config
字段的格式因插件的不同而不同。
listener_filters
中的插件在 filter_chains
之前执行,1.8.0提供了下面这些插件, link
:
envoy.listener.original_dst envoy.listener.tls_inspector
clusters – 集群
{ "name": "string, 名称,必须", "alt_stat_name": "string, 发送状态时使用的名字,名称中:会被转换成_", "type": "cluster 发现方式, STATIC/STRICT_DNS/LOGICAL_DNS/EDS/ORIGINAL_DST", "eds_cluster_config": { "eds_config": { "path": "string,用来观测配置文件更新的路径", "api_config_source": { "api_type": "string,REST_LEGACY/REST/GRPC", "cluster_names": ["string,只用于REST_LEGACY/REST,可以配置多个"], "grpc_services": ["string,只用于GRPC,可以配置多个"], "refresh_delay": "{...}", "request_timeout": "{...}", "rate_limit_settings": { "max_tokens": "Uint32Value,默认值100", "fill_rate": "DoubleValue,默认100 token/s" } }, "ads": "{ This is currently empty }" }, "service_name": "..." }, "connect_timeout": "{...}", "per_connection_buffer_limit_bytes": "{...}", "lb_policy": "负责均衡策略,ROUND_ROBIN/LEAST_REQUEST/RING_HASH/RANDOM/ORIGINAL_DST_LB/MAGLEV", "hosts": [ { "socket_address": "{...}", "pipe": "{...}" } ], "load_assignment": { { "cluster_name": "...", "endpoints": [], "policy": { "drop_overloads": [], "overprovisioning_factor": "{...}" } } }, "health_checks": [ { "timeout": "{...}", "interval": "{...}", "interval_jitter": "{...}", "interval_jitter_percent": "...", "unhealthy_threshold": "{...}", "healthy_threshold": "{...}", "reuse_connection": "{...}", "http_health_check": { "host": "...", "path": "...", "service_name": "...", "request_headers_to_add": [], "request_headers_to_remove": [], "use_http2": "..." }, "tcp_health_check": { "send": "{...}", "receive": [] }, "grpc_health_check": { "service_name": "...", "authority": "..." }, "custom_health_check": { "name": "...", "config": "{...}" }, "no_traffic_interval": "{...}", "unhealthy_interval": "{...}", "unhealthy_edge_interval": "{...}", "healthy_edge_interval": "{...}", "event_log_path": "...", "always_log_health_check_failures": "..." } ], "max_requests_per_connection": "{...}", "circuit_breakers": { "thresholds": [] }, "tls_context": { "common_tls_context": "{...}", "sni": "...", "allow_renegotiation": "...", "max_session_keys": "{...}" }, "common_http_protocol_options": { "idle_timeout": "{...}" }, "http_protocol_options": { "allow_absolute_url": "{...}", "accept_http_10": "...", "default_host_for_http_10": "..." }, "http2_protocol_options": { "hpack_table_size": "{...}", "max_concurrent_streams": "{...}", "initial_stream_window_size": "{...}", "initial_connection_window_size": "{...}", "allow_connect": "..." }, "extension_protocol_options": "{...}", "dns_refresh_rate": "{...}", "dns_lookup_family": "AUTO/V4_ONLY/V6_ONLY", "dns_resolvers": [], "outlier_detection": { "consecutive_5xx": "{...}", "interval": "{...}", "base_ejection_time": "{...}", "max_ejection_percent": "{...}", "enforcing_consecutive_5xx": "{...}", "enforcing_success_rate": "{...}", "success_rate_minimum_hosts": "{...}", "success_rate_request_volume": "{...}", "success_rate_stdev_factor": "{...}", "consecutive_gateway_failure": "{...}", "enforcing_consecutive_gateway_failure": "{...}" }, "cleanup_interval": "{...}", "upstream_bind_config": { "source_address": "{...}", "freebind": "{...}", "socket_options": [] }, "lb_subset_config": { "fallback_policy": "...", "default_subset": "{...}", "subset_selectors": [], "locality_weight_aware": "...", "scale_locality_weight": "..." }, "ring_hash_lb_config": { "minimum_ring_size": "{...}" }, "original_dst_lb_config": { "use_http_header": "..." }, "least_request_lb_config": { "choice_count": "{...}" }, "common_lb_config": { "healthy_panic_threshold": "{...}", "zone_aware_lb_config": "{...}", "locality_weighted_lb_config": "{...}", "update_merge_window": "{...}" }, "transport_socket": { "name": "...", "config": "{...}" }, "metadata": "{...}", "protocol_selection": "USE_CONFIGURED_PROTOCOL/USE_DOWNSTREAM_PROTOCOL", "upstream_connection_options": { "tcp_keepalive": "{...}" }, "close_connections_on_host_health_failure": "...", "drain_connections_on_host_removal": "..." }
secrets – 证书
{ "name": "...", "tls_certificate": { "certificate_chain": "{...}", "private_key": "{...}", "password": "{...}" }, "session_ticket_keys": { "keys": [] }, "validation_context": { "trusted_ca": "{...}", "verify_certificate_spki": [], "verify_certificate_hash": [], "verify_subject_alt_name": [], "crl": "{...}", "allow_expired_certificate": "..." } }
dynamic_resources – 动态发现
lds_config
、 cds_config
、 ads_config
的格式是完全相同的。
{ "lds_config": { "api_type": "string,REST_LEGACY/REST/GRPC", "cluster_names": ["string,只用于REST_LEGACY/REST,可以配置多个"], "grpc_services": ["string,只用于GRPC,可以配置多个"], "refresh_delay": "{...}", "request_timeout": "{...}", "rate_limit_settings": { "max_tokens": "Uint32Value,默认值100", "fill_rate": "DoubleValue,默认100 token/s" } }, "cds_config": { "api_type": "...", "cluster_names": [], "grpc_services": [], "refresh_delay": "{...}", "request_timeout": "{...}", "rate_limit_settings": "{...}" }, "ads_config": { "api_type": "...", "cluster_names": [], "grpc_services": [], "refresh_delay": "{...}", "request_timeout": "{...}", "rate_limit_settings": "{...}" } }
cluster_manager – 集群管理
{ "local_cluster_name": "...", "outlier_detection": { "event_log_path": "..." }, "upstream_bind_config": { "source_address": { "protocol": "...", "address": "...", "port_value": "...", "named_port": "...", "resolver_name": "...", "ipv4_compat": "..." }, "freebind": "{...}", "socket_options": [ { "description": "...", "level": "...", "name": "...", "int_value": "...", "buf_value": "...", "state": "..." } ] }, "load_stats_config": { "api_type": "...", "cluster_names": [], "grpc_services": [], "refresh_delay": "{...}", "request_timeout": "{...}", "rate_limit_settings": "{...}" } }
hds_config – 健康检查
{ "api_type": "...", "cluster_names": [], "grpc_services": [], "refresh_delay": "{...}", "request_timeout": "{...}", "rate_limit_settings": "{...}" }
flags_path – 参数
string
stats_sinks – 状态采集插件
{ "name": "...", "config": "{...}" }
envoy内置了以下stats sinks:
envoy.statsd envoy.dog_statsd envoy.metrics_service envoy.stat_sinks.hystrix
stats_config – 状态采集配置
{ "stats_tags": [], "use_all_default_tags": "{...}", "stats_matcher": "{...}" }
stats_flush_interval – 状态刷新时间
watchdog – 看门狗设置
{ "miss_timeout": "{...}", "megamiss_timeout": "{...}", "kill_timeout": "{...}", "multikill_timeout": "{...}" }
tracing – 调用跟踪
{ "http": "{...}" }
rate_limit_service – 限速服务
{ "grpc_service": "{...}" }
runtime – 运行时状态
{ "symlink_root": "...", "subdirectory": "...", "override_subdirectory": "..." }
admin – 管理接口
{ "access_log_path": "...", "profile_path": "...", "address": { "socket_address": { "protocol": "...", "address": "...", "port_value": "...", "named_port": "...", "resolver_name": "...", "ipv4_compat": "..." }, "pipe": { "path": "..." } } }
overload_manager – 过载管理
{ "refresh_interval": "{...}", "resource_monitors": [], "actions": [] }
参考
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持 码农网
猜你喜欢:- JS专题之数组展开
- 展开中断或忽略的序号
- 一道关于 ARRAY 深度展开的面试题
- 传微软下月将对 Windows 团队展开架构重组
- 软件工程造价估算标准》编制工作全面展开
- lisp 宏展开实现中遇到的两个问题
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
基于MVC的JavaScript Web富应用开发
麦卡劳(Alex MacCaw) / 李晶、张散集 / 电子工业出版社 / 2012-5 / 59.00元
《JavaScript Web 富应用开发》Developing JavaScript Web Applications是 Alex MacCaw 的新作(由O'Reilly出版发行),本书系统而深入的讲解了如何使用最前沿的Web技术构建下一代互联网富应用程序。作者 Alex MacCaw 是一名Ruby/JavaScript 程序员,在开源社区中很有名望,是Spine框架的作者,同时活跃在纽约、......一起来看看 《基于MVC的JavaScript Web富应用开发》 这本书的介绍吧!