Bootstrap

This proto is supplied via the -c CLI flag and acts as the root of the Envoy v2 configuration. See the v2 configuration overview for more detail.

config.bootstrap.v3.Bootstrap

[config.bootstrap.v3.Bootstrap proto]

Bootstrap configuration overview.

{
  "node": "{...}",
  "static_resources": "{...}",
  "dynamic_resources": "{...}",
  "cluster_manager": "{...}",
  "hds_config": "{...}",
  "flags_path": "...",
  "stats_sinks": [],
  "stats_config": "{...}",
  "stats_flush_interval": "{...}",
  "watchdog": "{...}",
  "tracing": "{...}",
  "layered_runtime": "{...}",
  "admin": "{...}",
  "overload_manager": "{...}",
  "enable_dispatcher_stats": "...",
  "header_prefix": "...",
  "stats_server_version_override": "{...}",
  "use_tcp_for_dns_lookups": "...",
  "bootstrap_extensions": []
}
node

(config.core.v3.Node) Node identity to present to the management server and for instance identification purposes (e.g. in generated headers).

static_resources

(config.bootstrap.v3.Bootstrap.StaticResources) Statically specified resources.

dynamic_resources

(config.bootstrap.v3.Bootstrap.DynamicResources) xDS configuration sources.

cluster_manager

(config.bootstrap.v3.ClusterManager) Configuration for the cluster manager which owns all upstream clusters within the server.

hds_config

(config.core.v3.ApiConfigSource) Health discovery service config option. (core.ApiConfigSource)

flags_path

(string) Optional file system path to search for startup flag files.

stats_sinks

(config.metrics.v3.StatsSink) Optional set of stats sinks.

stats_config

(config.metrics.v3.StatsConfig) Configuration for internal processing of stats.

stats_flush_interval

(Duration) Optional duration between flushes to configured stats sinks. For performance reasons Envoy latches counters and only flushes counters and gauges at a periodic interval. If not specified the default is 5000ms (5 seconds). Duration must be at least 1ms and at most 5 min.

watchdog

(config.bootstrap.v3.Watchdog) Optional watchdog configuration.

tracing

(config.trace.v3.Tracing) Configuration for an external tracing provider.

Attention

This field has been deprecated in favor of HttpConnectionManager.Tracing.provider.

layered_runtime

(config.bootstrap.v3.LayeredRuntime) Configuration for the runtime configuration provider. If not specified, a “null” provider will be used which will result in all defaults being used.

admin

(config.bootstrap.v3.Admin) Configuration for the local administration HTTP server.

overload_manager

(config.overload.v3.OverloadManager) Optional overload manager configuration.

Attention

This field should be configured in the presence of untrusted downstreams.

This field should be configured in the presence of untrusted upstreams.

Example configuration for untrusted environments:

overload_manager:
  actions:
  - name: envoy.overload_actions.shrink_heap
    triggers:
    - name: envoy.resource_monitors.fixed_heap
      threshold:
        value: 0.9
  - name: envoy.overload_actions.stop_accepting_requests
    triggers:
    - name: envoy.resource_monitors.fixed_heap
      threshold:
        value: 0.95
  refresh_interval: 0.25s
  resource_monitors:
  - name: envoy.resource_monitors.fixed_heap
    typed_config:
      '@type': type.googleapis.com/envoy.config.resource_monitor.fixed_heap.v2alpha.FixedHeapConfig
      max_heap_size_bytes: 1073741824.0
enable_dispatcher_stats

(bool) Enable stats for event dispatcher, defaults to false. Note that this records a value for each iteration of the event loop on every thread. This should normally be minimal overhead, but when using statsd, it will send each observed value over the wire individually because the statsd protocol doesn’t have any way to represent a histogram summary. Be aware that this can be a very large volume of data.

header_prefix

(string) Optional string which will be used in lieu of x-envoy in prefixing headers.

For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be transformed into x-foo-retry-on etc.

Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the headers Envoy will trust for core code and core extensions only. Be VERY careful making changes to this string, especially in multi-layer Envoy deployments or deployments using extensions which are not upstream.

stats_server_version_override

(UInt64Value) Optional proxy version which will be used to set the value of server.version statistic if specified. Envoy will not process this value, it will be sent as is to stats sinks.

use_tcp_for_dns_lookups

(bool) Always use TCP queries instead of UDP queries for DNS lookups. This may be overridden on a per-cluster basis in cds_config, when dns_resolvers and use_tcp_for_dns_lookups are specified.

bootstrap_extensions

(config.core.v3.TypedExtensionConfig) Specifies optional bootstrap extensions to be instantiated at startup time. Each item contains extension specific configuration.

config.bootstrap.v3.Bootstrap.StaticResources

[config.bootstrap.v3.Bootstrap.StaticResources proto]

{
  "listeners": [],
  "clusters": [],
  "secrets": []
}
listeners

(config.listener.v3.Listener) Static Listeners. These listeners are available regardless of LDS configuration.

clusters

(config.cluster.v3.Cluster) If a network based configuration source is specified for cds_config, it’s necessary to have some initial cluster definitions available to allow Envoy to know how to speak to the management server. These cluster definitions may not use EDS (i.e. they should be static IP or DNS-based).

secrets

(extensions.transport_sockets.tls.v3.Secret) These static secrets can be used by SdsSecretConfig

config.bootstrap.v3.Bootstrap.DynamicResources

[config.bootstrap.v3.Bootstrap.DynamicResources proto]

{
  "lds_config": "{...}",
  "cds_config": "{...}",
  "ads_config": "{...}"
}
lds_config

(config.core.v3.ConfigSource) All Listeners are provided by a single LDS configuration source.

cds_config

(config.core.v3.ConfigSource) All post-bootstrap Cluster definitions are provided by a single CDS configuration source.

ads_config

(config.core.v3.ApiConfigSource) A single ADS source may be optionally specified. This must have api_type GRPC. Only ConfigSources that have the ads field set will be streamed on the ADS channel.

config.bootstrap.v3.Admin

[config.bootstrap.v3.Admin proto]

Administration interface operations documentation.

{
  "access_log_path": "...",
  "profile_path": "...",
  "address": "{...}",
  "socket_options": []
}
access_log_path

(string) The path to write the access log for the administration server. If no access log is desired specify ‘/dev/null’. This is only required if address is set.

profile_path

(string) The cpu profiler output path for the administration server. If no profile path is specified, the default is ‘/var/log/envoy/envoy.prof’.

address

(config.core.v3.Address) The TCP address that the administration server will listen on. If not specified, Envoy will not start an administration server.

socket_options

(config.core.v3.SocketOption) Additional socket options that may not be present in Envoy source code or precompiled binaries.

config.bootstrap.v3.ClusterManager

[config.bootstrap.v3.ClusterManager proto]

Cluster manager architecture overview.

{
  "local_cluster_name": "...",
  "outlier_detection": "{...}",
  "upstream_bind_config": "{...}",
  "load_stats_config": "{...}"
}
local_cluster_name

(string) Name of the local cluster (i.e., the cluster that owns the Envoy running this configuration). In order to enable zone aware routing this option must be set. If local_cluster_name is defined then clusters must be defined in the Bootstrap static cluster resources. This is unrelated to the --service-cluster option which does not affect zone aware routing.

outlier_detection

(config.bootstrap.v3.ClusterManager.OutlierDetection) Optional global configuration for outlier detection.

upstream_bind_config

(config.core.v3.BindConfig) Optional configuration used to bind newly established upstream connections. This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config.

load_stats_config

(config.core.v3.ApiConfigSource) A management server endpoint to stream load stats to via StreamLoadStats. This must have api_type GRPC.

config.bootstrap.v3.ClusterManager.OutlierDetection

[config.bootstrap.v3.ClusterManager.OutlierDetection proto]

{
  "event_log_path": "..."
}
event_log_path

(string) Specifies the path to the outlier event log.

config.bootstrap.v3.Watchdog

[config.bootstrap.v3.Watchdog proto]

Envoy process watchdog configuration. When configured, this monitors for nonresponsive threads and kills the process after the configured thresholds. See the watchdog documentation for more information.

{
  "miss_timeout": "{...}",
  "megamiss_timeout": "{...}",
  "kill_timeout": "{...}",
  "multikill_timeout": "{...}"
}
miss_timeout

(Duration) The duration after which Envoy counts a nonresponsive thread in the watchdog_miss statistic. If not specified the default is 200ms.

megamiss_timeout

(Duration) The duration after which Envoy counts a nonresponsive thread in the watchdog_mega_miss statistic. If not specified the default is 1000ms.

kill_timeout

(Duration) If a watched thread has been nonresponsive for this duration, assume a programming error and kill the entire Envoy process. Set to 0 to disable kill behavior. If not specified the default is 0 (disabled).

multikill_timeout

(Duration) If at least two watched threads have been nonresponsive for at least this duration assume a true deadlock and kill the entire Envoy process. Set to 0 to disable this behavior. If not specified the default is 0 (disabled).

config.bootstrap.v3.Runtime

[config.bootstrap.v3.Runtime proto]

Runtime configuration overview (deprecated).

{
  "symlink_root": "...",
  "subdirectory": "...",
  "override_subdirectory": "...",
  "base": "{...}"
}
subdirectory

(string) Specifies the subdirectory to load within the root directory. This is useful if multiple systems share the same delivery mechanism. Envoy configuration elements can be contained in a dedicated subdirectory.

override_subdirectory

(string) Specifies an optional subdirectory to load within the root directory. If specified and the directory exists, configuration values within this directory will override those found in the primary subdirectory. This is useful when Envoy is deployed across many different types of servers. Sometimes it is useful to have a per service cluster directory for runtime configuration. See below for exactly how the override directory is used.

base

(Struct) Static base runtime. This will be overridden by other runtime layers, e.g. disk or admin. This follows the runtime protobuf JSON representation encoding.

config.bootstrap.v3.RuntimeLayer

[config.bootstrap.v3.RuntimeLayer proto]

{
  "name": "...",
  "static_layer": "{...}",
  "disk_layer": "{...}",
  "admin_layer": "{...}",
  "rtds_layer": "{...}"
}
name

(string, REQUIRED) Descriptive name for the runtime layer. This is only used for the runtime GET /runtime output.

static_layer

(Struct) Static runtime layer. This follows the runtime protobuf JSON representation encoding. Unlike static xDS resources, this static layer is overridable by later layers in the runtime virtual filesystem.

Precisely one of static_layer, disk_layer, admin_layer, rtds_layer must be set.

disk_layer

(config.bootstrap.v3.RuntimeLayer.DiskLayer)

Precisely one of static_layer, disk_layer, admin_layer, rtds_layer must be set.

admin_layer

(config.bootstrap.v3.RuntimeLayer.AdminLayer)

Precisely one of static_layer, disk_layer, admin_layer, rtds_layer must be set.

rtds_layer

(config.bootstrap.v3.RuntimeLayer.RtdsLayer)

Precisely one of static_layer, disk_layer, admin_layer, rtds_layer must be set.

config.bootstrap.v3.RuntimeLayer.DiskLayer

[config.bootstrap.v3.RuntimeLayer.DiskLayer proto]

Disk runtime layer.

{
  "symlink_root": "...",
  "subdirectory": "...",
  "append_service_cluster": "..."
}
subdirectory

(string) Specifies the subdirectory to load within the root directory. This is useful if multiple systems share the same delivery mechanism. Envoy configuration elements can be contained in a dedicated subdirectory.

append_service_cluster

(bool) Append the service cluster to the path under symlink root.

config.bootstrap.v3.RuntimeLayer.AdminLayer

[config.bootstrap.v3.RuntimeLayer.AdminLayer proto]

Admin console runtime layer.

{}

config.bootstrap.v3.RuntimeLayer.RtdsLayer

[config.bootstrap.v3.RuntimeLayer.RtdsLayer proto]

Runtime Discovery Service (RTDS) layer.

{
  "name": "...",
  "rtds_config": "{...}"
}
name

(string) Resource to subscribe to at rtds_config for the RTDS layer.

rtds_config

(config.core.v3.ConfigSource) RTDS configuration source.

config.bootstrap.v3.LayeredRuntime

[config.bootstrap.v3.LayeredRuntime proto]

Runtime configuration overview.

{
  "layers": []
}
layers

(config.bootstrap.v3.RuntimeLayer) The layers of the runtime. This is ordered such that later layers in the list overlay earlier entries.