health_check.proto
Package: solo.io.envoy.config.core.v3
Types:
- HealthCheck
- Payload
- HttpHealthCheck
- TcpHealthCheck
- RedisHealthCheck
- GrpcHealthCheck
- CustomHealthCheck
- TlsOptions
Enums:
- [HealthStatus](#healthstatus)
Source File: github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/health_check.proto
HealthCheck
[#next-free-field: 24]
"timeout": .google.protobuf.Duration
"interval": .google.protobuf.Duration
"initialJitter": .google.protobuf.Duration
"intervalJitter": .google.protobuf.Duration
"intervalJitterPercent": int
"unhealthyThreshold": .google.protobuf.UInt32Value
"healthyThreshold": .google.protobuf.UInt32Value
"altPort": .google.protobuf.UInt32Value
"reuseConnection": .google.protobuf.BoolValue
"httpHealthCheck": .solo.io.envoy.config.core.v3.HealthCheck.HttpHealthCheck
"tcpHealthCheck": .solo.io.envoy.config.core.v3.HealthCheck.TcpHealthCheck
"grpcHealthCheck": .solo.io.envoy.config.core.v3.HealthCheck.GrpcHealthCheck
"customHealthCheck": .solo.io.envoy.config.core.v3.HealthCheck.CustomHealthCheck
"noTrafficInterval": .google.protobuf.Duration
"unhealthyInterval": .google.protobuf.Duration
"unhealthyEdgeInterval": .google.protobuf.Duration
"healthyEdgeInterval": .google.protobuf.Duration
"eventLogPath": string
"eventService": .solo.io.envoy.config.core.v3.EventServiceConfig
"alwaysLogHealthCheckFailures": bool
"tlsOptions": .solo.io.envoy.config.core.v3.HealthCheck.TlsOptions
"transportSocketMatchCriteria": .google.protobuf.Struct
Field | Type | Description |
---|---|---|
timeout |
.google.protobuf.Duration | The time to wait for a health check response. If the timeout is reached the health check attempt will be considered a failure. |
interval |
.google.protobuf.Duration | The interval between health checks. |
initialJitter |
.google.protobuf.Duration | An optional jitter amount in milliseconds. If specified, Envoy will start health checking after for a random time in ms between 0 and initial_jitter. This only applies to the first health check. |
intervalJitter |
.google.protobuf.Duration | An optional jitter amount in milliseconds. If specified, during every interval Envoy will add interval_jitter to the wait time. |
intervalJitterPercent |
int |
An optional jitter amount as a percentage of interval_ms. If specified, during every interval Envoy will add interval_ms * interval_jitter_percent / 100 to the wait time. If interval_jitter_ms and interval_jitter_percent are both set, both of them will be used to increase the wait time. |
unhealthyThreshold |
.google.protobuf.UInt32Value | The number of unhealthy health checks required before a host is marked unhealthy. Note that for http health checking if a host responds with 503 this threshold is ignored and the host is considered unhealthy immediately. |
healthyThreshold |
.google.protobuf.UInt32Value | The number of healthy health checks required before a host is marked healthy. Note that during startup, only a single successful health check is required to mark a host healthy. |
altPort |
.google.protobuf.UInt32Value | [#not-implemented-hide:] Non-serving port for health checking. |
reuseConnection |
.google.protobuf.BoolValue | Reuse health check connection between health checks. Default is true. |
httpHealthCheck |
.solo.io.envoy.config.core.v3.HealthCheck.HttpHealthCheck | HTTP health check. Only one of httpHealthCheck , tcpHealthCheck , grpcHealthCheck , or customHealthCheck can be set. |
tcpHealthCheck |
.solo.io.envoy.config.core.v3.HealthCheck.TcpHealthCheck | TCP health check. Only one of tcpHealthCheck , httpHealthCheck , grpcHealthCheck , or customHealthCheck can be set. |
grpcHealthCheck |
.solo.io.envoy.config.core.v3.HealthCheck.GrpcHealthCheck | gRPC health check. Only one of grpcHealthCheck , httpHealthCheck , tcpHealthCheck , or customHealthCheck can be set. |
customHealthCheck |
.solo.io.envoy.config.core.v3.HealthCheck.CustomHealthCheck | Custom health check. Only one of customHealthCheck , httpHealthCheck , tcpHealthCheck , or grpcHealthCheck can be set. |
noTrafficInterval |
.google.protobuf.Duration | The “no traffic interval” is a special health check interval that is used when a cluster has never had traffic routed to it. This lower interval allows cluster information to be kept up to date, without sending a potentially large amount of active health checking traffic for no reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the standard health check interval that is defined. Note that this interval takes precedence over any other. The default value for “no traffic interval” is 60 seconds. |
unhealthyInterval |
.google.protobuf.Duration | The “unhealthy interval” is a health check interval that is used for hosts that are marked as unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the standard health check interval that is defined. The default value for “unhealthy interval” is the same as “interval”. |
unhealthyEdgeInterval |
.google.protobuf.Duration | The “unhealthy edge interval” is a special health check interval that is used for the first health check right after a host is marked as unhealthy. For subsequent health checks Envoy will shift back to using either “unhealthy interval” if present or the standard health check interval that is defined. The default value for “unhealthy edge interval” is the same as “unhealthy interval”. |
healthyEdgeInterval |
.google.protobuf.Duration | The “healthy edge interval” is a special health check interval that is used for the first health check right after a host is marked as healthy. For subsequent health checks Envoy will shift back to using the standard health check interval that is defined. The default value for “healthy edge interval” is the same as the default interval. |
eventLogPath |
string |
Specifies the path to the :ref:health check event log <arch_overview_health_check_logging> . If empty, no event log will be written. |
eventService |
.solo.io.envoy.config.core.v3.EventServiceConfig | [#not-implemented-hide:] The gRPC service for the health check event service. If empty, health check events won’t be sent to a remote endpoint. |
alwaysLogHealthCheckFailures |
bool |
If set to true, health check failure events will always be logged. If set to false, only the initial health check failure event will be logged. The default value is false. |
tlsOptions |
.solo.io.envoy.config.core.v3.HealthCheck.TlsOptions | This allows overriding the cluster TLS settings, just for health check connections. |
transportSocketMatchCriteria |
.google.protobuf.Struct | Optional key/value pairs that will be used to match a transport socket from those specified in the cluster’s :ref:tranport socket matches <envoy_api_field_config.cluster.v3.Cluster.transport_socket_matches> . For example, the following match criteria .. code-block:: yaml transport_socket_match_criteria: useMTLS: true Will match the following :ref:cluster socket match <envoy_api_msg_config.cluster.v3.Cluster.TransportSocketMatch> .. code-block:: yaml transport_socket_matches: - name: “useMTLS” match: useMTLS: true transport_socket: name: envoy.transport_sockets.tls config: { … } # tls socket configuration If this field is set, then for health checks it will supersede an entry of envoy.transport_socket in the :ref:LbEndpoint.Metadata <envoy_api_field_config.endpoint.v3.LbEndpoint.metadata> . This allows using different transport socket capabilities for health checking versus proxying to the endpoint. If the key/values pairs specified do not match any :ref:transport socket matches <envoy_api_field_config.cluster.v3.Cluster.transport_socket_matches> , the cluster’s :ref:transport socket <envoy_api_field_config.cluster.v3.Cluster.transport_socket> will be used for health check socket configuration. |
Payload
Describes the encoding of the payload bytes in the payload.
"text": string
"binary": bytes
Field | Type | Description |
---|---|---|
text |
string |
Hex encoded payload. E.g., “000000FF”. Only one of text or binary can be set. |
binary |
bytes |
[#not-implemented-hide:] Binary payload. Only one of binary or text can be set. |
HttpHealthCheck
[#next-free-field: 13]
"host": string
"path": string
"send": .solo.io.envoy.config.core.v3.HealthCheck.Payload
"receive": .solo.io.envoy.config.core.v3.HealthCheck.Payload
"requestHeadersToAdd": []solo.io.envoy.config.core.v3.HeaderValueOption
"requestHeadersToRemove": []string
"expectedStatuses": []solo.io.envoy.type.v3.Int64Range
"codecClientType": .solo.io.envoy.type.v3.CodecClientType
"serviceNameMatcher": .solo.io.envoy.type.matcher.v3.StringMatcher
"responseAssertions": .advancedhttp.options.gloo.solo.io.ResponseAssertions
Field | Type | Description |
---|---|---|
host |
string |
The value of the host header in the HTTP health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. The host header can be customized for a specific endpoint by setting the :ref:hostname <envoy_api_field_config.endpoint.v3.Endpoint.HealthCheckConfig.hostname> field. |
path |
string |
Specifies the HTTP path that will be requested during health checking. For example /healthcheck. |
send |
.solo.io.envoy.config.core.v3.HealthCheck.Payload | [#not-implemented-hide:] HTTP specific payload. |
receive |
.solo.io.envoy.config.core.v3.HealthCheck.Payload | [#not-implemented-hide:] HTTP specific response. |
requestHeadersToAdd |
[]solo.io.envoy.config.core.v3.HeaderValueOption | Specifies a list of HTTP headers that should be added to each request that is sent to the health checked cluster. For more information, including details on header value syntax, see the documentation on :ref:custom request headers <config_http_conn_man_headers_custom_request_headers> . |
requestHeadersToRemove |
[]string |
Specifies a list of HTTP headers that should be removed from each request that is sent to the health checked cluster. |
expectedStatuses |
[]solo.io.envoy.type.v3.Int64Range | Specifies a list of HTTP response statuses considered healthy. If provided, replaces default 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open semantics of :ref:Int64Range <envoy_api_msg_type.v3.Int64Range> . The start and end of each range are required. Only statuses in the range [100, 600) are allowed. |
codecClientType |
.solo.io.envoy.type.v3.CodecClientType | Use specified application protocol for health checks. |
serviceNameMatcher |
.solo.io.envoy.type.matcher.v3.StringMatcher | An optional service name parameter which is used to validate the identity of the health checked cluster using a :ref:StringMatcher <envoy_api_msg_type.matcher.v3.StringMatcher> . See the :ref:architecture overview <arch_overview_health_checking_identity> for more information. |
responseAssertions |
.advancedhttp.options.gloo.solo.io.ResponseAssertions | (Enterprise Only): If defined, the response health check rules take precedence over the http expected_statuses . |
TcpHealthCheck
"send": .solo.io.envoy.config.core.v3.HealthCheck.Payload
"receive": []solo.io.envoy.config.core.v3.HealthCheck.Payload
Field | Type | Description |
---|---|---|
send |
.solo.io.envoy.config.core.v3.HealthCheck.Payload | Empty payloads imply a connect-only health check. |
receive |
[]solo.io.envoy.config.core.v3.HealthCheck.Payload | When checking the response, “fuzzy” matching is performed such that each binary block must be found, and in the order specified, but not necessarily contiguous. |
RedisHealthCheck
"key": string
Field | Type | Description |
---|---|---|
key |
string |
If set, optionally perform EXISTS <key> instead of PING . A return value from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance by setting the specified key to any value and waiting for traffic to drain. |
GrpcHealthCheck
grpc.health.v1.Health <https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto>
-based
healthcheck. See gRPC doc <https://github.com/grpc/grpc/blob/master/doc/health-checking.md>
for details.
"serviceName": string
"authority": string
Field | Type | Description |
---|---|---|
serviceName |
string |
An optional service name parameter which will be sent to gRPC service in grpc.health.v1.HealthCheckRequest <https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20> . message. See gRPC health-checking overview <https://github.com/grpc/grpc/blob/master/doc/health-checking.md> for more information. |
authority |
string |
The value of the :authority header in the gRPC health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. The authority header can be customized for a specific endpoint by setting the :ref:hostname <envoy_api_field_config.endpoint.v3.Endpoint.HealthCheckConfig.hostname> field. |
CustomHealthCheck
Custom health check.
"name": string
"typedConfig": .google.protobuf.Any
Field | Type | Description |
---|---|---|
name |
string |
The registered name of the custom health checker. |
typedConfig |
.google.protobuf.Any |
TlsOptions
Health checks occur over the transport socket specified for the cluster. This implies that if a cluster is using a TLS-enabled transport socket, the health check will also occur over TLS.
This allows overriding the cluster TLS settings, just for health check connections.
"alpnProtocols": []string
Field | Type | Description |
---|---|---|
alpnProtocols |
[]string |
Specifies the ALPN protocols for health check connections. This is useful if the corresponding upstream is using ALPN-based :ref:FilterChainMatch <envoy_api_msg_config.listener.v3.FilterChainMatch> along with different protocols for health checks versus data connections. If empty, no ALPN protocols will be set on health check connections. |
HealthStatus
Description: Endpoint health status.
Name | Description |
---|---|
UNKNOWN | The health status is not known. This is interpreted by Envoy as HEALTHY. |
HEALTHY | Healthy. |
UNHEALTHY | Unhealthy. |
DRAINING | Connection draining in progress. E.g., <https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/> _ or <https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining> _. This is interpreted by Envoy as *UNHEALTHY*. |
TIMEOUT | Health check timed out. This is part of HDS and is interpreted by Envoy as UNHEALTHY. |
DEGRADED | Degraded. |