networking.istio.io / v1alpha3 / DestinationRule

• object

  .spec

  Configuration affecting load balancing, outlier detection, etc. See more details at: https://istio.io/docs/reference/config/networking/destination-rule.html

• array

  .spec .exportTo

  A list of namespaces to which this destination rule is exported.

• string required

  .spec .host

  The name of a service from the service registry.

• array

  .spec .subsets

  One or more named sets that represent individual versions of a service.

• object

  .spec .subsets[] .labels

  Labels apply a filter over the endpoints of a service in the service registry.

• string required

  .spec .subsets[] .name

  Name of the subset.

• object

  .spec .subsets[] .trafficPolicy

  Traffic policies that apply to this subset.

• object

  .spec .subsets[] .trafficPolicy .connectionPool

• object

  .spec .subsets[] .trafficPolicy .connectionPool .http

  HTTP connection pool settings.

• string

  .spec .subsets[] .trafficPolicy .connectionPool .http .h2UpgradePolicy

  Specify if http1.1 connection should be upgraded to http2 for the associated destination.

  Valid Options: DEFAULT, DO_NOT_UPGRADE, UPGRADE

• integer

  .spec .subsets[] .trafficPolicy .connectionPool .http .http1MaxPendingRequests

  Maximum number of requests that will be queued while waiting for a ready connection pool connection.

• integer

  .spec .subsets[] .trafficPolicy .connectionPool .http .http2MaxRequests

  Maximum number of active requests to a destination.

• string

  .spec .subsets[] .trafficPolicy .connectionPool .http .idleTimeout

  The idle timeout for upstream connection pool connections.

• integer

  .spec .subsets[] .trafficPolicy .connectionPool .http .maxConcurrentStreams

  The maximum number of concurrent streams allowed for a peer on one HTTP/2 connection.

• integer

  .spec .subsets[] .trafficPolicy .connectionPool .http .maxRequestsPerConnection

  Maximum number of requests per connection to a backend.

• integer

  .spec .subsets[] .trafficPolicy .connectionPool .http .maxRetries

  Maximum number of retries that can be outstanding to all hosts in a cluster at a given time.

• boolean

  .spec .subsets[] .trafficPolicy .connectionPool .http .useClientProtocol

  If set to true, client protocol will be preserved while initiating connection to backend.

• object

  .spec .subsets[] .trafficPolicy .connectionPool .tcp

  Settings common to both HTTP and TCP upstream connections.

• string

  .spec .subsets[] .trafficPolicy .connectionPool .tcp .connectTimeout

  TCP connection timeout.

• string

  .spec .subsets[] .trafficPolicy .connectionPool .tcp .idleTimeout

  The idle timeout for TCP connections.

• string

  .spec .subsets[] .trafficPolicy .connectionPool .tcp .maxConnectionDuration

  The maximum duration of a connection.

• integer

  .spec .subsets[] .trafficPolicy .connectionPool .tcp .maxConnections

  Maximum number of HTTP1 /TCP connections to a destination host.

• object

  .spec .subsets[] .trafficPolicy .connectionPool .tcp .tcpKeepalive

  If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.

• string

  .spec .subsets[] .trafficPolicy .connectionPool .tcp .tcpKeepalive .interval

  The time duration between keep-alive probes.

• integer

  .spec .subsets[] .trafficPolicy .connectionPool .tcp .tcpKeepalive .probes

  Maximum number of keepalive probes to send without response before deciding the connection is dead.

• string

  .spec .subsets[] .trafficPolicy .connectionPool .tcp .tcpKeepalive .time

  The time duration a connection needs to be idle before keep-alive probes start being sent.

• object

  .spec .subsets[] .trafficPolicy .loadBalancer

  Settings controlling the load balancer algorithms.

• object

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash

• object

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .httpCookie

  Hash based on HTTP cookie.

• string required

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .httpCookie .name

  Name of the cookie.

• string

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .httpCookie .path

  Path to set for the cookie.

• string

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .httpCookie .ttl

  Lifetime of the cookie.

• string

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .httpHeaderName

  Hash based on a specific HTTP header.

• string

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .httpQueryParameterName

  Hash based on a specific HTTP query parameter.

• object

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .maglev

  The Maglev load balancer implements consistent hashing to backend hosts.

• integer

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .maglev .tableSize

  The table size for Maglev hashing.

• integer

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .minimumRingSize

  Deprecated.

• object

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .ringHash

  The ring/modulo hash load balancer implements consistent hashing to backend hosts.

• integer

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .ringHash .minimumRingSize

  The minimum number of virtual nodes to use for the hash ring.

• boolean

  .spec .subsets[] .trafficPolicy .loadBalancer .consistentHash .useSourceIp

  Hash based on the source IP address.

• object

  .spec .subsets[] .trafficPolicy .loadBalancer .localityLbSetting

• array

  .spec .subsets[] .trafficPolicy .loadBalancer .localityLbSetting .distribute

  Optional: only one of distribute, failover or failoverPriority can be set.

• string

  .spec .subsets[] .trafficPolicy .loadBalancer .localityLbSetting .distribute[] .from

  Originating locality, ‘/’ separated, e.g.

• object

  .spec .subsets[] .trafficPolicy .loadBalancer .localityLbSetting .distribute[] .to

  Map of upstream localities to traffic distribution weights.

• boolean | null

  .spec .subsets[] .trafficPolicy .loadBalancer .localityLbSetting .enabled

  Enable locality load balancing.

• array

  .spec .subsets[] .trafficPolicy .loadBalancer .localityLbSetting .failover

  Optional: only one of distribute, failover or failoverPriority can be set.

• string

  .spec .subsets[] .trafficPolicy .loadBalancer .localityLbSetting .failover[] .from

  Originating region.

• string

  .spec .subsets[] .trafficPolicy .loadBalancer .localityLbSetting .failover[] .to

  Destination region the traffic will fail over to when endpoints in the ‘from’ region becomes unhealthy.

• array

  .spec .subsets[] .trafficPolicy .loadBalancer .localityLbSetting .failoverPriority

  failoverPriority is an ordered list of labels used to sort endpoints to do priority based load balancing.

• string

  .spec .subsets[] .trafficPolicy .loadBalancer .simple

  Valid Options: LEAST_CONN, RANDOM, PASSTHROUGH, ROUND_ROBIN, LEAST_REQUEST

• object

  .spec .subsets[] .trafficPolicy .loadBalancer .warmup

  Represents the warmup configuration of Service.

• number | null

  .spec .subsets[] .trafficPolicy .loadBalancer .warmup .aggression

  This parameter controls the speed of traffic increase over the warmup duration.

• string required

  .spec .subsets[] .trafficPolicy .loadBalancer .warmup .duration

• number | null

  .spec .subsets[] .trafficPolicy .loadBalancer .warmup .minimumPercent

• string

  .spec .subsets[] .trafficPolicy .loadBalancer .warmupDurationSecs

  Deprecated: use warmup instead.

• object

  .spec .subsets[] .trafficPolicy .outlierDetection

• string

  .spec .subsets[] .trafficPolicy .outlierDetection .baseEjectionTime

  Minimum ejection duration.

• integer | null

  .spec .subsets[] .trafficPolicy .outlierDetection .consecutive5xxErrors

  Number of 5xx errors before a host is ejected from the connection pool.

• integer

  .spec .subsets[] .trafficPolicy .outlierDetection .consecutiveErrors

• integer | null

  .spec .subsets[] .trafficPolicy .outlierDetection .consecutiveGatewayErrors

  Number of gateway errors before a host is ejected from the connection pool.

• integer | null

  .spec .subsets[] .trafficPolicy .outlierDetection .consecutiveLocalOriginFailures

  The number of consecutive locally originated failures before ejection occurs.

• string

  .spec .subsets[] .trafficPolicy .outlierDetection .interval

  Time interval between ejection sweep analysis.

• integer

  .spec .subsets[] .trafficPolicy .outlierDetection .maxEjectionPercent

  Maximum % of hosts in the load balancing pool for the upstream service that can be ejected.

• integer

  .spec .subsets[] .trafficPolicy .outlierDetection .minHealthPercent

  Outlier detection will be enabled as long as the associated load balancing pool has at least minHealthPercent hosts in healthy mode.

• boolean

  .spec .subsets[] .trafficPolicy .outlierDetection .splitExternalLocalOriginErrors

  Determines whether to distinguish local origin failures from external errors.

• array

  .spec .subsets[] .trafficPolicy .portLevelSettings

  Traffic policies specific to individual ports.

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .http

  HTTP connection pool settings.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .http .h2UpgradePolicy

  Specify if http1.1 connection should be upgraded to http2 for the associated destination.

  Valid Options: DEFAULT, DO_NOT_UPGRADE, UPGRADE

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .http .http1MaxPendingRequests

  Maximum number of requests that will be queued while waiting for a ready connection pool connection.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .http .http2MaxRequests

  Maximum number of active requests to a destination.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .http .idleTimeout

  The idle timeout for upstream connection pool connections.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .http .maxConcurrentStreams

  The maximum number of concurrent streams allowed for a peer on one HTTP/2 connection.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .http .maxRequestsPerConnection

  Maximum number of requests per connection to a backend.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .http .maxRetries

  Maximum number of retries that can be outstanding to all hosts in a cluster at a given time.

• boolean

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .http .useClientProtocol

  If set to true, client protocol will be preserved while initiating connection to backend.

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .tcp

  Settings common to both HTTP and TCP upstream connections.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .tcp .connectTimeout

  TCP connection timeout.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .tcp .idleTimeout

  The idle timeout for TCP connections.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .tcp .maxConnectionDuration

  The maximum duration of a connection.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .tcp .maxConnections

  Maximum number of HTTP1 /TCP connections to a destination host.

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .tcp .tcpKeepalive

  If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .tcp .tcpKeepalive .interval

  The time duration between keep-alive probes.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .tcp .tcpKeepalive .probes

  Maximum number of keepalive probes to send without response before deciding the connection is dead.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .connectionPool .tcp .tcpKeepalive .time

  The time duration a connection needs to be idle before keep-alive probes start being sent.

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer

  Settings controlling the load balancer algorithms.

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpCookie

  Hash based on HTTP cookie.

• string required

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpCookie .name

  Name of the cookie.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpCookie .path

  Path to set for the cookie.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpCookie .ttl

  Lifetime of the cookie.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpHeaderName

  Hash based on a specific HTTP header.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpQueryParameterName

  Hash based on a specific HTTP query parameter.

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .maglev

  The Maglev load balancer implements consistent hashing to backend hosts.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .maglev .tableSize

  The table size for Maglev hashing.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .minimumRingSize

  Deprecated.

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .ringHash

  The ring/modulo hash load balancer implements consistent hashing to backend hosts.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .ringHash .minimumRingSize

  The minimum number of virtual nodes to use for the hash ring.

• boolean

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .useSourceIp

  Hash based on the source IP address.

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting

• array

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .distribute

  Optional: only one of distribute, failover or failoverPriority can be set.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .distribute[] .from

  Originating locality, ‘/’ separated, e.g.

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .distribute[] .to

  Map of upstream localities to traffic distribution weights.

• boolean | null

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .enabled

  Enable locality load balancing.

• array

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .failover

  Optional: only one of distribute, failover or failoverPriority can be set.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .failover[] .from

  Originating region.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .failover[] .to

  Destination region the traffic will fail over to when endpoints in the ‘from’ region becomes unhealthy.

• array

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .failoverPriority

  failoverPriority is an ordered list of labels used to sort endpoints to do priority based load balancing.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .simple

  Valid Options: LEAST_CONN, RANDOM, PASSTHROUGH, ROUND_ROBIN, LEAST_REQUEST

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .warmup

  Represents the warmup configuration of Service.

• number | null

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .warmup .aggression

  This parameter controls the speed of traffic increase over the warmup duration.

• string required

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .warmup .duration

• number | null

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .warmup .minimumPercent

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .loadBalancer .warmupDurationSecs

  Deprecated: use warmup instead.

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .outlierDetection

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .outlierDetection .baseEjectionTime

  Minimum ejection duration.

• integer | null

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .outlierDetection .consecutive5xxErrors

  Number of 5xx errors before a host is ejected from the connection pool.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .outlierDetection .consecutiveErrors

• integer | null

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .outlierDetection .consecutiveGatewayErrors

  Number of gateway errors before a host is ejected from the connection pool.

• integer | null

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .outlierDetection .consecutiveLocalOriginFailures

  The number of consecutive locally originated failures before ejection occurs.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .outlierDetection .interval

  Time interval between ejection sweep analysis.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .outlierDetection .maxEjectionPercent

  Maximum % of hosts in the load balancing pool for the upstream service that can be ejected.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .outlierDetection .minHealthPercent

  Outlier detection will be enabled as long as the associated load balancing pool has at least minHealthPercent hosts in healthy mode.

• boolean

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .outlierDetection .splitExternalLocalOriginErrors

  Determines whether to distinguish local origin failures from external errors.

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .port

  Specifies the number of a port on the destination service on which this policy is being applied.

• integer

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .port .number

• object

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .tls

  TLS related settings for connections to the upstream service.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .tls .caCertificates

  OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .tls .caCrl

  OPTIONAL: The path to the file containing the certificate revocation list (CRL) to use in verifying a presented server certificate.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .tls .clientCertificate

  REQUIRED if mode is MUTUAL.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .tls .credentialName

  The name of the secret that holds the TLS certs for the client including the CA certificates.

• boolean | null

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .tls .insecureSkipVerify

  insecureSkipVerify specifies whether the proxy should skip verifying the CA signature and SAN for the server certificate corresponding to the host.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .tls .mode

  Indicates whether connections to this port should be secured using TLS.

  Valid Options: DISABLE, SIMPLE, MUTUAL, ISTIO_MUTUAL

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .tls .privateKey

  REQUIRED if mode is MUTUAL.

• string

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .tls .sni

  SNI string to present to the server during TLS handshake.

• array

  .spec .subsets[] .trafficPolicy .portLevelSettings[] .tls .subjectAltNames

  A list of alternate names to verify the subject identity in the certificate.

• object

  .spec .subsets[] .trafficPolicy .proxyProtocol

  The upstream PROXY protocol settings.

• string

  .spec .subsets[] .trafficPolicy .proxyProtocol .version

  The PROXY protocol version to use.

  Valid Options: V1, V2

• object

  .spec .subsets[] .trafficPolicy .tls

  TLS related settings for connections to the upstream service.

• string

  .spec .subsets[] .trafficPolicy .tls .caCertificates

  OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate.

• string

  .spec .subsets[] .trafficPolicy .tls .caCrl

  OPTIONAL: The path to the file containing the certificate revocation list (CRL) to use in verifying a presented server certificate.

• string

  .spec .subsets[] .trafficPolicy .tls .clientCertificate

  REQUIRED if mode is MUTUAL.

• string

  .spec .subsets[] .trafficPolicy .tls .credentialName

  The name of the secret that holds the TLS certs for the client including the CA certificates.

• boolean | null

  .spec .subsets[] .trafficPolicy .tls .insecureSkipVerify

  insecureSkipVerify specifies whether the proxy should skip verifying the CA signature and SAN for the server certificate corresponding to the host.

• string

  .spec .subsets[] .trafficPolicy .tls .mode

  Indicates whether connections to this port should be secured using TLS.

  Valid Options: DISABLE, SIMPLE, MUTUAL, ISTIO_MUTUAL

• string

  .spec .subsets[] .trafficPolicy .tls .privateKey

  REQUIRED if mode is MUTUAL.

• string

  .spec .subsets[] .trafficPolicy .tls .sni

  SNI string to present to the server during TLS handshake.

• array

  .spec .subsets[] .trafficPolicy .tls .subjectAltNames

  A list of alternate names to verify the subject identity in the certificate.

• object

  .spec .subsets[] .trafficPolicy .tunnel

  Configuration of tunneling TCP over other transport or application layers for the host configured in the DestinationRule.

• string

  .spec .subsets[] .trafficPolicy .tunnel .protocol

  Specifies which protocol to use for tunneling the downstream connection.

• string required

  .spec .subsets[] .trafficPolicy .tunnel .targetHost

  Specifies a host to which the downstream connection is tunneled.

• integer required

  .spec .subsets[] .trafficPolicy .tunnel .targetPort

  Specifies a port to which the downstream connection is tunneled.

• object

  .spec .trafficPolicy

  Traffic policies to apply (load balancing policy, connection pool sizes, outlier detection).

• object

  .spec .trafficPolicy .connectionPool

• object

  .spec .trafficPolicy .connectionPool .http

  HTTP connection pool settings.

• string

  .spec .trafficPolicy .connectionPool .http .h2UpgradePolicy

  Specify if http1.1 connection should be upgraded to http2 for the associated destination.

  Valid Options: DEFAULT, DO_NOT_UPGRADE, UPGRADE

• integer

  .spec .trafficPolicy .connectionPool .http .http1MaxPendingRequests

  Maximum number of requests that will be queued while waiting for a ready connection pool connection.

• integer

  .spec .trafficPolicy .connectionPool .http .http2MaxRequests

  Maximum number of active requests to a destination.

• string

  .spec .trafficPolicy .connectionPool .http .idleTimeout

  The idle timeout for upstream connection pool connections.

• integer

  .spec .trafficPolicy .connectionPool .http .maxConcurrentStreams

  The maximum number of concurrent streams allowed for a peer on one HTTP/2 connection.

• integer

  .spec .trafficPolicy .connectionPool .http .maxRequestsPerConnection

  Maximum number of requests per connection to a backend.

• integer

  .spec .trafficPolicy .connectionPool .http .maxRetries

  Maximum number of retries that can be outstanding to all hosts in a cluster at a given time.

• boolean

  .spec .trafficPolicy .connectionPool .http .useClientProtocol

  If set to true, client protocol will be preserved while initiating connection to backend.

• object

  .spec .trafficPolicy .connectionPool .tcp

  Settings common to both HTTP and TCP upstream connections.

• string

  .spec .trafficPolicy .connectionPool .tcp .connectTimeout

  TCP connection timeout.

• string

  .spec .trafficPolicy .connectionPool .tcp .idleTimeout

  The idle timeout for TCP connections.

• string

  .spec .trafficPolicy .connectionPool .tcp .maxConnectionDuration

  The maximum duration of a connection.

• integer

  .spec .trafficPolicy .connectionPool .tcp .maxConnections

  Maximum number of HTTP1 /TCP connections to a destination host.

• object

  .spec .trafficPolicy .connectionPool .tcp .tcpKeepalive

  If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.

• string

  .spec .trafficPolicy .connectionPool .tcp .tcpKeepalive .interval

  The time duration between keep-alive probes.

• integer

  .spec .trafficPolicy .connectionPool .tcp .tcpKeepalive .probes

  Maximum number of keepalive probes to send without response before deciding the connection is dead.

• string

  .spec .trafficPolicy .connectionPool .tcp .tcpKeepalive .time

  The time duration a connection needs to be idle before keep-alive probes start being sent.

• object

  .spec .trafficPolicy .loadBalancer

  Settings controlling the load balancer algorithms.

• object

  .spec .trafficPolicy .loadBalancer .consistentHash

• object

  .spec .trafficPolicy .loadBalancer .consistentHash .httpCookie

  Hash based on HTTP cookie.

• string required

  .spec .trafficPolicy .loadBalancer .consistentHash .httpCookie .name

  Name of the cookie.

• string

  .spec .trafficPolicy .loadBalancer .consistentHash .httpCookie .path

  Path to set for the cookie.

• string

  .spec .trafficPolicy .loadBalancer .consistentHash .httpCookie .ttl

  Lifetime of the cookie.

• string

  .spec .trafficPolicy .loadBalancer .consistentHash .httpHeaderName

  Hash based on a specific HTTP header.

• string

  .spec .trafficPolicy .loadBalancer .consistentHash .httpQueryParameterName

  Hash based on a specific HTTP query parameter.

• object

  .spec .trafficPolicy .loadBalancer .consistentHash .maglev

  The Maglev load balancer implements consistent hashing to backend hosts.

• integer

  .spec .trafficPolicy .loadBalancer .consistentHash .maglev .tableSize

  The table size for Maglev hashing.

• integer

  .spec .trafficPolicy .loadBalancer .consistentHash .minimumRingSize

  Deprecated.

• object

  .spec .trafficPolicy .loadBalancer .consistentHash .ringHash

  The ring/modulo hash load balancer implements consistent hashing to backend hosts.

• integer

  .spec .trafficPolicy .loadBalancer .consistentHash .ringHash .minimumRingSize

  The minimum number of virtual nodes to use for the hash ring.

• boolean

  .spec .trafficPolicy .loadBalancer .consistentHash .useSourceIp

  Hash based on the source IP address.

• object

  .spec .trafficPolicy .loadBalancer .localityLbSetting

• array

  .spec .trafficPolicy .loadBalancer .localityLbSetting .distribute

  Optional: only one of distribute, failover or failoverPriority can be set.

• string

  .spec .trafficPolicy .loadBalancer .localityLbSetting .distribute[] .from

  Originating locality, ‘/’ separated, e.g.

• object

  .spec .trafficPolicy .loadBalancer .localityLbSetting .distribute[] .to

  Map of upstream localities to traffic distribution weights.

• boolean | null

  .spec .trafficPolicy .loadBalancer .localityLbSetting .enabled

  Enable locality load balancing.

• array

  .spec .trafficPolicy .loadBalancer .localityLbSetting .failover

  Optional: only one of distribute, failover or failoverPriority can be set.

• string

  .spec .trafficPolicy .loadBalancer .localityLbSetting .failover[] .from

  Originating region.

• string

  .spec .trafficPolicy .loadBalancer .localityLbSetting .failover[] .to

  Destination region the traffic will fail over to when endpoints in the ‘from’ region becomes unhealthy.

• array

  .spec .trafficPolicy .loadBalancer .localityLbSetting .failoverPriority

  failoverPriority is an ordered list of labels used to sort endpoints to do priority based load balancing.

• string

  .spec .trafficPolicy .loadBalancer .simple

  Valid Options: LEAST_CONN, RANDOM, PASSTHROUGH, ROUND_ROBIN, LEAST_REQUEST

• object

  .spec .trafficPolicy .loadBalancer .warmup

  Represents the warmup configuration of Service.

• number | null

  .spec .trafficPolicy .loadBalancer .warmup .aggression

  This parameter controls the speed of traffic increase over the warmup duration.

• string required

  .spec .trafficPolicy .loadBalancer .warmup .duration

• number | null

  .spec .trafficPolicy .loadBalancer .warmup .minimumPercent

• string

  .spec .trafficPolicy .loadBalancer .warmupDurationSecs

  Deprecated: use warmup instead.

• object

  .spec .trafficPolicy .outlierDetection

• string

  .spec .trafficPolicy .outlierDetection .baseEjectionTime

  Minimum ejection duration.

• integer | null

  .spec .trafficPolicy .outlierDetection .consecutive5xxErrors

  Number of 5xx errors before a host is ejected from the connection pool.

• integer

  .spec .trafficPolicy .outlierDetection .consecutiveErrors

• integer | null

  .spec .trafficPolicy .outlierDetection .consecutiveGatewayErrors

  Number of gateway errors before a host is ejected from the connection pool.

• integer | null

  .spec .trafficPolicy .outlierDetection .consecutiveLocalOriginFailures

  The number of consecutive locally originated failures before ejection occurs.

• string

  .spec .trafficPolicy .outlierDetection .interval

  Time interval between ejection sweep analysis.

• integer

  .spec .trafficPolicy .outlierDetection .maxEjectionPercent

  Maximum % of hosts in the load balancing pool for the upstream service that can be ejected.

• integer

  .spec .trafficPolicy .outlierDetection .minHealthPercent

  Outlier detection will be enabled as long as the associated load balancing pool has at least minHealthPercent hosts in healthy mode.

• boolean

  .spec .trafficPolicy .outlierDetection .splitExternalLocalOriginErrors

  Determines whether to distinguish local origin failures from external errors.

• array

  .spec .trafficPolicy .portLevelSettings

  Traffic policies specific to individual ports.

• object

  .spec .trafficPolicy .portLevelSettings[] .connectionPool

• object

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .http

  HTTP connection pool settings.

• string

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .http .h2UpgradePolicy

  Specify if http1.1 connection should be upgraded to http2 for the associated destination.

  Valid Options: DEFAULT, DO_NOT_UPGRADE, UPGRADE

• integer

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .http .http1MaxPendingRequests

  Maximum number of requests that will be queued while waiting for a ready connection pool connection.

• integer

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .http .http2MaxRequests

  Maximum number of active requests to a destination.

• string

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .http .idleTimeout

  The idle timeout for upstream connection pool connections.

• integer

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .http .maxConcurrentStreams

  The maximum number of concurrent streams allowed for a peer on one HTTP/2 connection.

• integer

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .http .maxRequestsPerConnection

  Maximum number of requests per connection to a backend.

• integer

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .http .maxRetries

  Maximum number of retries that can be outstanding to all hosts in a cluster at a given time.

• boolean

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .http .useClientProtocol

  If set to true, client protocol will be preserved while initiating connection to backend.

• object

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .tcp

  Settings common to both HTTP and TCP upstream connections.

• string

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .tcp .connectTimeout

  TCP connection timeout.

• string

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .tcp .idleTimeout

  The idle timeout for TCP connections.

• string

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .tcp .maxConnectionDuration

  The maximum duration of a connection.

• integer

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .tcp .maxConnections

  Maximum number of HTTP1 /TCP connections to a destination host.

• object

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .tcp .tcpKeepalive

  If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.

• string

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .tcp .tcpKeepalive .interval

  The time duration between keep-alive probes.

• integer

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .tcp .tcpKeepalive .probes

  Maximum number of keepalive probes to send without response before deciding the connection is dead.

• string

  .spec .trafficPolicy .portLevelSettings[] .connectionPool .tcp .tcpKeepalive .time

  The time duration a connection needs to be idle before keep-alive probes start being sent.

• object

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer

  Settings controlling the load balancer algorithms.

• object

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash

• object

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpCookie

  Hash based on HTTP cookie.

• string required

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpCookie .name

  Name of the cookie.

• string

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpCookie .path

  Path to set for the cookie.

• string

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpCookie .ttl

  Lifetime of the cookie.

• string

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpHeaderName

  Hash based on a specific HTTP header.

• string

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .httpQueryParameterName

  Hash based on a specific HTTP query parameter.

• object

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .maglev

  The Maglev load balancer implements consistent hashing to backend hosts.

• integer

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .maglev .tableSize

  The table size for Maglev hashing.

• integer

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .minimumRingSize

  Deprecated.

• object

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .ringHash

  The ring/modulo hash load balancer implements consistent hashing to backend hosts.

• integer

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .ringHash .minimumRingSize

  The minimum number of virtual nodes to use for the hash ring.

• boolean

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .consistentHash .useSourceIp

  Hash based on the source IP address.

• object

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting

• array

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .distribute

  Optional: only one of distribute, failover or failoverPriority can be set.

• string

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .distribute[] .from

  Originating locality, ‘/’ separated, e.g.

• object

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .distribute[] .to

  Map of upstream localities to traffic distribution weights.

• boolean | null

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .enabled

  Enable locality load balancing.

• array

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .failover

  Optional: only one of distribute, failover or failoverPriority can be set.

• string

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .failover[] .from

  Originating region.

• string

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .failover[] .to

  Destination region the traffic will fail over to when endpoints in the ‘from’ region becomes unhealthy.

• array

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .localityLbSetting .failoverPriority

  failoverPriority is an ordered list of labels used to sort endpoints to do priority based load balancing.

• string

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .simple

  Valid Options: LEAST_CONN, RANDOM, PASSTHROUGH, ROUND_ROBIN, LEAST_REQUEST

• object

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .warmup

  Represents the warmup configuration of Service.

• number | null

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .warmup .aggression

  This parameter controls the speed of traffic increase over the warmup duration.

• string required

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .warmup .duration

• number | null

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .warmup .minimumPercent

• string

  .spec .trafficPolicy .portLevelSettings[] .loadBalancer .warmupDurationSecs

  Deprecated: use warmup instead.

• object

  .spec .trafficPolicy .portLevelSettings[] .outlierDetection

• string

  .spec .trafficPolicy .portLevelSettings[] .outlierDetection .baseEjectionTime

  Minimum ejection duration.

• integer | null

  .spec .trafficPolicy .portLevelSettings[] .outlierDetection .consecutive5xxErrors

  Number of 5xx errors before a host is ejected from the connection pool.

• integer

  .spec .trafficPolicy .portLevelSettings[] .outlierDetection .consecutiveErrors

• integer | null

  .spec .trafficPolicy .portLevelSettings[] .outlierDetection .consecutiveGatewayErrors

  Number of gateway errors before a host is ejected from the connection pool.

• integer | null

  .spec .trafficPolicy .portLevelSettings[] .outlierDetection .consecutiveLocalOriginFailures

  The number of consecutive locally originated failures before ejection occurs.

• string

  .spec .trafficPolicy .portLevelSettings[] .outlierDetection .interval

  Time interval between ejection sweep analysis.

• integer

  .spec .trafficPolicy .portLevelSettings[] .outlierDetection .maxEjectionPercent

  Maximum % of hosts in the load balancing pool for the upstream service that can be ejected.

• integer

  .spec .trafficPolicy .portLevelSettings[] .outlierDetection .minHealthPercent

  Outlier detection will be enabled as long as the associated load balancing pool has at least minHealthPercent hosts in healthy mode.

• boolean

  .spec .trafficPolicy .portLevelSettings[] .outlierDetection .splitExternalLocalOriginErrors

  Determines whether to distinguish local origin failures from external errors.

• object

  .spec .trafficPolicy .portLevelSettings[] .port

  Specifies the number of a port on the destination service on which this policy is being applied.

• integer

  .spec .trafficPolicy .portLevelSettings[] .port .number

• object

  .spec .trafficPolicy .portLevelSettings[] .tls

  TLS related settings for connections to the upstream service.

• string

  .spec .trafficPolicy .portLevelSettings[] .tls .caCertificates

  OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate.

• string

  .spec .trafficPolicy .portLevelSettings[] .tls .caCrl

  OPTIONAL: The path to the file containing the certificate revocation list (CRL) to use in verifying a presented server certificate.

• string

  .spec .trafficPolicy .portLevelSettings[] .tls .clientCertificate

  REQUIRED if mode is MUTUAL.

• string

  .spec .trafficPolicy .portLevelSettings[] .tls .credentialName

  The name of the secret that holds the TLS certs for the client including the CA certificates.

• boolean | null

  .spec .trafficPolicy .portLevelSettings[] .tls .insecureSkipVerify

  insecureSkipVerify specifies whether the proxy should skip verifying the CA signature and SAN for the server certificate corresponding to the host.

• string

  .spec .trafficPolicy .portLevelSettings[] .tls .mode

  Indicates whether connections to this port should be secured using TLS.

  Valid Options: DISABLE, SIMPLE, MUTUAL, ISTIO_MUTUAL

• string

  .spec .trafficPolicy .portLevelSettings[] .tls .privateKey

  REQUIRED if mode is MUTUAL.

• string

  .spec .trafficPolicy .portLevelSettings[] .tls .sni

  SNI string to present to the server during TLS handshake.

• array

  .spec .trafficPolicy .portLevelSettings[] .tls .subjectAltNames

  A list of alternate names to verify the subject identity in the certificate.

• object

  .spec .trafficPolicy .proxyProtocol

  The upstream PROXY protocol settings.

• string

  .spec .trafficPolicy .proxyProtocol .version

  The PROXY protocol version to use.

  Valid Options: V1, V2

• object

  .spec .trafficPolicy .tls

  TLS related settings for connections to the upstream service.

• string

  .spec .trafficPolicy .tls .caCertificates

  OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate.

• string

  .spec .trafficPolicy .tls .caCrl

  OPTIONAL: The path to the file containing the certificate revocation list (CRL) to use in verifying a presented server certificate.

• string

  .spec .trafficPolicy .tls .clientCertificate

  REQUIRED if mode is MUTUAL.

• string

  .spec .trafficPolicy .tls .credentialName

  The name of the secret that holds the TLS certs for the client including the CA certificates.

• boolean | null

  .spec .trafficPolicy .tls .insecureSkipVerify

  insecureSkipVerify specifies whether the proxy should skip verifying the CA signature and SAN for the server certificate corresponding to the host.

• string

  .spec .trafficPolicy .tls .mode

  Indicates whether connections to this port should be secured using TLS.

  Valid Options: DISABLE, SIMPLE, MUTUAL, ISTIO_MUTUAL

• string

  .spec .trafficPolicy .tls .privateKey

  REQUIRED if mode is MUTUAL.

• string

  .spec .trafficPolicy .tls .sni

  SNI string to present to the server during TLS handshake.

• array

  .spec .trafficPolicy .tls .subjectAltNames

  A list of alternate names to verify the subject identity in the certificate.

• object

  .spec .trafficPolicy .tunnel

  Configuration of tunneling TCP over other transport or application layers for the host configured in the DestinationRule.

• string

  .spec .trafficPolicy .tunnel .protocol

  Specifies which protocol to use for tunneling the downstream connection.

• string required

  .spec .trafficPolicy .tunnel .targetHost

  Specifies a host to which the downstream connection is tunneled.

• integer required

  .spec .trafficPolicy .tunnel .targetPort

  Specifies a port to which the downstream connection is tunneled.

• object

  .spec .workloadSelector

  Criteria used to select the specific set of pods/VMs on which this DestinationRule configuration should be applied.

• object

  .spec .workloadSelector .matchLabels

  One or more labels that indicate a specific set of pods/VMs on which a policy should be applied.

• object

  .status

• array

  .status .conditions

  Current service state of the resource.

• string

  .status .conditions[] .lastProbeTime

  Last time we probed the condition.

• string

  .status .conditions[] .lastTransitionTime

  Last time the condition transitioned from one status to another.

• string

  .status .conditions[] .message

  Human-readable message indicating details about last transition.

• integer | string

  .status .conditions[] .observedGeneration

  Resource Generation to which the Condition refers.

• string

  .status .conditions[] .reason

  Unique, one-word, CamelCase reason for the condition’s last transition.

• string

  .status .conditions[] .status

  Status is the status of the condition.

• string

  .status .conditions[] .type

  Type is the type of the condition.

• integer | string

  .status .observedGeneration

• array

  .status .validationMessages

  Includes any errors or warnings detected by Istio’s analyzers.

• string

  .status .validationMessages[] .documentationUrl

  A url pointing to the Istio documentation for this specific error type.

• string

  .status .validationMessages[] .level

  Represents how severe a message is.

  Valid Options: UNKNOWN, ERROR, WARNING, INFO

• object

  .status .validationMessages[] .type

• string

  .status .validationMessages[] .type .code

  A 7 character code matching ^IST[0-9]{4}$ intended to uniquely identify the message type.

• string

  .status .validationMessages[] .type .name

  A human-readable name for the message type.