istio_v1beta1 library
Istio Beta1.
Classes
- Abort
- Abort specification is used to prematurely abort a request with a pre-specified error code. The following example will return an HTTP 400 error code for 1 out of every 1000 requests to the “ratings” service “v1”.
- AuthorizationPolicy
- Istio Authorization Policy enables access control on workloads in the mesh. Authorization policy supports CUSTOM, DENY and ALLOW actions for access control. When CUSTOM, DENY and ALLOW actions are used for a workload at the same time, the CUSTOM action is evaluated first, then the DENY action, and finally the ALLOW action. The evaluation is determined by the following rules:
- AuthorizationPolicyList
- AuthorizationPolicy List.
- AuthorizationPolicySpec
- Enables access control on workloads.
- AuthorizationPolicyStatus
- AuthorizationPolicyStatus
- CorsPolicy
- Describes the Cross-Origin Resource Sharing (CORS) policy, for a given service. Refer to CORS for further details about cross origin resource sharing. For example, the following rule restricts cross origin requests to those originating from example.com domain using HTTP POST/GET, and sets the Access-Control-Allow-Credentials header to false. In addition, it only exposes X-Foo-bar header and sets an expiry period of 1 day.
- Delay
- Delay specification is used to inject latency into the request forwarding path. The following example will introduce a 5 second delay in 1 out of every 1000 requests to the “v1” version of the “reviews” service from all pods with label env: prod.
- Delegate
- Describes the delegate VirtualService.
- Destination
- Destination indicates the network addressable service to which the request/connection will be sent after processing a routing rule. The destination.host should unambiguously refer to a service in the service registry. Istio’s service registry is composed of all the services found in the platform’s service registry (e.g., Kubernetes services, Consul services), as well as services declared through the ServiceEntry resource.
- DestinationRule
- Destination rule.
- DestinationRuleList
- DestinationRule list.
- DestinationRuleSpec
- DestinationRuleSpec
- DestinationRuleStatus
- DestinationRuleStatus
- EnvoyFilter
- Envoy filter.
- EnvoyFilterList
- EnvoyFilter list.
- EnvoyFilterSpec
- EnvoyFilterSpec
- EnvoyFilterStatus
- EnvoyFilterStatus
- Gateway
- Gateway.
- GatewayList
- GatewayList is a collection of gateways.
- GatewaySpec
- Configuration affecting edge load balancer. See more details at: https://istio.io/docs/reference/config/networking/gateway.html
- HeaderOperations
- Describes the header manipulations to apply.
- Headers
- Message headers can be manipulated when Envoy forwards requests to, or responses from, a destination service. Header manipulation rules can be specified for a specific route destination or for all destinations.
- HTTPFaultInjection
- HTTPFaultInjection can be used to specify one or more faults to inject while forwarding HTTP requests to the destination specified in a route. Fault specification is part of a VirtualService rule. Faults include aborting the Http request from downstream service, and/or delaying proxying of requests. A fault rule MUST HAVE delay or abort or both.
- HTTPMatchRequest
- HttpMatchRequest specifies a set of criterion to be met in order for the rule to be applied to the HTTP request. For example, the following restricts the rule to match only requests where the URL path starts with /ratings/v2/ and the request contains a custom end-user header with value jason.
- HTTPRedirect
- HTTPRedirect can be used to send a 301 redirect response to the caller, where the Authority/Host and the URI in the response can be swapped with the specified values. For example, the following rule redirects requests for /v1/getProductRatings API on the ratings service to /v1/bookRatings provided by the bookratings service.
- HTTPRetry
- Describes the retry policy to use when a HTTP request fails.
- HTTPRewrite
- HTTPRewrite can be used to rewrite specific parts of a HTTP request before forwarding the request to the destination. Rewrite primitive can be used only with HTTPRouteDestination.
- HTTPRoute
- Describes match conditions and actions for routing HTTP/1.1, HTTP2, and gRPC traffic. See VirtualService for usage examples.
- HTTPRouteDestination
- Each routing rule is associated with one or more service versions (see glossary in beginning of document). Weights associated with the version determine the proportion of traffic it receives. For example, the following rule will route 25% of traffic for the “reviews” service to instances with the “v2” tag and the remaining traffic (i.e., 75%) to “v1”.
- L4MatchAttributes
- L4 connection match attributes. Note that L4 connection matching support is incomplete.
- PeerAuthentication
- Peer authentication policies specify the mutual TLS mode Istio enforces on target workloads. The following modes are supported:
- PeerAuthenticationList
- PeerAuthentication list.
- PeerAuthenticationSpec
- PeerAuthenticationStatus
- Percent
- Percent specifies a percentage in the range of [0.0, 100.0].
- Port
- Port describes the properties of a specific port of a service.
- PortSelector
- PortSelector specifies the number of a port to be used for matching or selection for final routing.
- RequestAuthentication
- Request authentication.
- RequestAuthenticationList
- Represents a list of RequestAuthentication.
- RequestAuthenticationSpec
- RequestAuthenticationSpec
- RequestAuthenticationStatus
- RequestAuthenticationStatus
- RouteDestination
- L4 routing rule weighted destination.
- Server
- Describes the properties of the proxy on a given load balancer port.
- ServerTLSSettings
- Set of TLS related options that govern the server's behavior.
- ServiceEntry
- Service entry.
- ServiceEntryList
- ServiceEntry list.
- ServiceEntrySpec
- ServiceEntrySpec
- ServiceEntryStatus
- ServiceEntryStatus
- Sidecar
- Sidecar describes the configuration of the sidecar proxy that mediates inbound and outbound communication to the workload instance it is attached to. By default, Istio will program all sidecar proxies in the mesh with the necessary configuration required to reach every workload instance in the mesh, as well as accept traffic on all the ports associated with the workload. The Sidecar configuration provides a way to fine tune the set of ports, protocols that the proxy will accept when forwarding traffic to and from the workload. In addition, it is possible to restrict the set of services that the proxy can reach when forwarding outbound traffic from workload instances.
- SidecarList
- Sidecar list.
- SidecarSpec
- SidecarSpec
- SidecarStatus
- SidecarStatus
- StringMatch
- Describes how to match a given string in HTTP headers. Match is case-sensitive.
- TCPRoute
- Describes match conditions and actions for routing TCP traffic. The following routing rule forwards traffic arriving at port 27017 for mongo.prod.svc.cluster.local to another Mongo server on port 5555.
- Telemetry
- Telemetry.
- TelemetryList
- Telemetry list.
- TelemetrySpec
- TelemetrySpec
- TelemetryStatus
- TelemetryStatus
- TLSMatchAttributes
- TLS connection match attributes.
- TLSRoute
- Describes match conditions and actions for routing unterminated TLS traffic (TLS/HTTPS).
- VirtualService
- Configuration affecting traffic routing.
- VirtualServiceList
- A list of VirtualServices.
- VirtualServiceSpec
- Configuration affecting traffic routing.
- VirtualServiceStatus
- VirtualServiceStatus
- WorkloadEntry
- Workload entry.
- WorkloadEntryList
- WorkloadEntry list.
- WorkloadEntrySpec
- WorkloadEntrySpec
- WorkloadEntryStatus
- WorkloadEntryStatus
- WorkloadGroup
- Workload group.
- WorkloadGroupList
- WorkloadGroup list.
- WorkloadGroupSpec
- WorkloadGroupSpec
- WorkloadGroupStatus
- WorkloadGroupStatus
Enums
- TlsMode
- TLS modes enforced by the proxy.
- TlsProtocol
- TLS protocol versions.