health_check.proto

Package: envoy.config.core.v3

Types:

Enums:
- [HealthStatus](#healthstatus)
Source File: envoy/config/core/v3/health_check.proto

HealthCheck

[#next-free-field: 24]

"timeout": .google.protobuf.Duration
"interval": .google.protobuf.Duration
"initialJitter": .google.protobuf.Duration
"intervalJitter": .google.protobuf.Duration
"intervalJitterPercent": int
"unhealthyThreshold": .google.protobuf.UInt32Value
"healthyThreshold": .google.protobuf.UInt32Value
"altPort": .google.protobuf.UInt32Value
"reuseConnection": .google.protobuf.BoolValue
"httpHealthCheck": .envoy.config.core.v3.HealthCheck.HttpHealthCheck
"tcpHealthCheck": .envoy.config.core.v3.HealthCheck.TcpHealthCheck
"grpcHealthCheck": .envoy.config.core.v3.HealthCheck.GrpcHealthCheck
"customHealthCheck": .envoy.config.core.v3.HealthCheck.CustomHealthCheck
"noTrafficInterval": .google.protobuf.Duration
"unhealthyInterval": .google.protobuf.Duration
"unhealthyEdgeInterval": .google.protobuf.Duration
"healthyEdgeInterval": .google.protobuf.Duration
"eventLogPath": string
"eventService": .envoy.config.core.v3.EventServiceConfig
"alwaysLogHealthCheckFailures": bool
"tlsOptions": .envoy.config.core.v3.HealthCheck.TlsOptions
"transportSocketMatchCriteria": .google.protobuf.Struct

Field Type Description Default
timeout .google.protobuf.Duration The time to wait for a health check response. If the timeout is reached the health check attempt will be considered a failure.
interval .google.protobuf.Duration The interval between health checks.
initialJitter .google.protobuf.Duration An optional jitter amount in milliseconds. If specified, Envoy will start health checking after for a random time in ms between 0 and initial_jitter. This only applies to the first health check.
intervalJitter .google.protobuf.Duration An optional jitter amount in milliseconds. If specified, during every interval Envoy will add interval_jitter to the wait time.
intervalJitterPercent int An optional jitter amount as a percentage of interval_ms. If specified, during every interval Envoy will add interval_ms * interval_jitter_percent / 100 to the wait time. If interval_jitter_ms and interval_jitter_percent are both set, both of them will be used to increase the wait time.
unhealthyThreshold .google.protobuf.UInt32Value The number of unhealthy health checks required before a host is marked unhealthy. Note that for http health checking if a host responds with 503 this threshold is ignored and the host is considered unhealthy immediately.
healthyThreshold .google.protobuf.UInt32Value The number of healthy health checks required before a host is marked healthy. Note that during startup, only a single successful health check is required to mark a host healthy.
altPort .google.protobuf.UInt32Value [#not-implemented-hide:] Non-serving port for health checking.
reuseConnection .google.protobuf.BoolValue Reuse health check connection between health checks. Default is true.
httpHealthCheck .envoy.config.core.v3.HealthCheck.HttpHealthCheck HTTP health check. Only one of httpHealthCheck, tcpHealthCheck, or customHealthCheck can be set.
tcpHealthCheck .envoy.config.core.v3.HealthCheck.TcpHealthCheck TCP health check. Only one of tcpHealthCheck, httpHealthCheck, or customHealthCheck can be set.
grpcHealthCheck .envoy.config.core.v3.HealthCheck.GrpcHealthCheck gRPC health check. Only one of grpcHealthCheck, httpHealthCheck, or customHealthCheck can be set.
customHealthCheck .envoy.config.core.v3.HealthCheck.CustomHealthCheck Custom health check. Only one of customHealthCheck, httpHealthCheck, or grpcHealthCheck can be set.
noTrafficInterval .google.protobuf.Duration The “no traffic interval” is a special health check interval that is used when a cluster has never had traffic routed to it. This lower interval allows cluster information to be kept up to date, without sending a potentially large amount of active health checking traffic for no reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the standard health check interval that is defined. Note that this interval takes precedence over any other. The default value for “no traffic interval” is 60 seconds.
unhealthyInterval .google.protobuf.Duration The “unhealthy interval” is a health check interval that is used for hosts that are marked as unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the standard health check interval that is defined. The default value for “unhealthy interval” is the same as “interval”.
unhealthyEdgeInterval .google.protobuf.Duration The “unhealthy edge interval” is a special health check interval that is used for the first health check right after a host is marked as unhealthy. For subsequent health checks Envoy will shift back to using either “unhealthy interval” if present or the standard health check interval that is defined. The default value for “unhealthy edge interval” is the same as “unhealthy interval”.
healthyEdgeInterval .google.protobuf.Duration The “healthy edge interval” is a special health check interval that is used for the first health check right after a host is marked as healthy. For subsequent health checks Envoy will shift back to using the standard health check interval that is defined. The default value for “healthy edge interval” is the same as the default interval.
eventLogPath string Specifies the path to the :ref:health check event log <arch_overview_health_check_logging>. If empty, no event log will be written.
eventService .envoy.config.core.v3.EventServiceConfig [#not-implemented-hide:] The gRPC service for the health check event service. If empty, health check events won’t be sent to a remote endpoint.
alwaysLogHealthCheckFailures bool If set to true, health check failure events will always be logged. If set to false, only the initial health check failure event will be logged. The default value is false.
tlsOptions .envoy.config.core.v3.HealthCheck.TlsOptions This allows overriding the cluster TLS settings, just for health check connections.
transportSocketMatchCriteria .google.protobuf.Struct Optional key/value pairs that will be used to match a transport socket from those specified in the cluster’s :ref:tranport socket matches <envoy_api_field_config.cluster.v3.Cluster.transport_socket_matches>. For example, the following match criteria .. code-block:: yaml transport_socket_match_criteria: useMTLS: true Will match the following :ref:cluster socket match <envoy_api_msg_config.cluster.v3.Cluster.TransportSocketMatch> .. code-block:: yaml transport_socket_matches: - name: “useMTLS” match: useMTLS: true transport_socket: name: envoy.transport_sockets.tls config: { … } # tls socket configuration If this field is set, then for health checks it will supersede an entry of envoy.transport_socket in the :ref:LbEndpoint.Metadata <envoy_api_field_config.endpoint.v3.LbEndpoint.metadata>. This allows using different transport socket capabilities for health checking versus proxying to the endpoint. If the key/values pairs specified do not match any :ref:transport socket matches <envoy_api_field_config.cluster.v3.Cluster.transport_socket_matches>, the cluster’s :ref:transport socket <envoy_api_field_config.cluster.v3.Cluster.transport_socket> will be used for health check socket configuration.

Payload

Describes the encoding of the payload bytes in the payload.

"text": string
"binary": bytes

Field Type Description Default
text string Hex encoded payload. E.g., “000000FF”. Only one of text or binary can be set.
binary bytes [#not-implemented-hide:] Binary payload. Only one of binary or text can be set.

HttpHealthCheck

[#next-free-field: 12]

"host": string
"path": string
"send": .envoy.config.core.v3.HealthCheck.Payload
"receive": .envoy.config.core.v3.HealthCheck.Payload
"requestHeadersToAdd": []envoy.config.core.v3.HeaderValueOption
"requestHeadersToRemove": []string
"expectedStatuses": []envoy.type.v3.Int64Range
"codecClientType": .envoy.type.v3.CodecClientType
"serviceNameMatcher": .envoy.type.matcher.v3.StringMatcher

Field Type Description Default
host string The value of the host header in the HTTP health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. The host header can be customized for a specific endpoint by setting the :ref:hostname <envoy_api_field_config.endpoint.v3.Endpoint.HealthCheckConfig.hostname> field.
path string Specifies the HTTP path that will be requested during health checking. For example /healthcheck.
send .envoy.config.core.v3.HealthCheck.Payload [#not-implemented-hide:] HTTP specific payload.
receive .envoy.config.core.v3.HealthCheck.Payload [#not-implemented-hide:] HTTP specific response.
requestHeadersToAdd []envoy.config.core.v3.HeaderValueOption Specifies a list of HTTP headers that should be added to each request that is sent to the health checked cluster. For more information, including details on header value syntax, see the documentation on :ref:custom request headers <config_http_conn_man_headers_custom_request_headers>.
requestHeadersToRemove []string Specifies a list of HTTP headers that should be removed from each request that is sent to the health checked cluster.
expectedStatuses []envoy.type.v3.Int64Range Specifies a list of HTTP response statuses considered healthy. If provided, replaces default 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open semantics of :ref:Int64Range <envoy_api_msg_type.v3.Int64Range>. The start and end of each range are required. Only statuses in the range [100, 600) are allowed.
codecClientType .envoy.type.v3.CodecClientType Use specified application protocol for health checks.
serviceNameMatcher .envoy.type.matcher.v3.StringMatcher An optional service name parameter which is used to validate the identity of the health checked cluster using a :ref:StringMatcher <envoy_api_msg_type.matcher.v3.StringMatcher>. See the :ref:architecture overview <arch_overview_health_checking_identity> for more information.

TcpHealthCheck

"send": .envoy.config.core.v3.HealthCheck.Payload
"receive": []envoy.config.core.v3.HealthCheck.Payload

Field Type Description Default
send .envoy.config.core.v3.HealthCheck.Payload Empty payloads imply a connect-only health check.
receive []envoy.config.core.v3.HealthCheck.Payload When checking the response, “fuzzy” matching is performed such that each binary block must be found, and in the order specified, but not necessarily contiguous.

RedisHealthCheck

"key": string

Field Type Description Default
key string If set, optionally perform EXISTS <key> instead of PING. A return value from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance by setting the specified key to any value and waiting for traffic to drain.

GrpcHealthCheck

grpc.health.v1.Health <https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto>_-based healthcheck. See gRPC doc <https://github.com/grpc/grpc/blob/master/doc/health-checking.md>_ for details.

"serviceName": string
"authority": string

Field Type Description Default
serviceName string An optional service name parameter which will be sent to gRPC service in grpc.health.v1.HealthCheckRequest <https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20>_. message. See gRPC health-checking overview <https://github.com/grpc/grpc/blob/master/doc/health-checking.md>_ for more information.
authority string The value of the :authority header in the gRPC health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. The authority header can be customized for a specific endpoint by setting the :ref:hostname <envoy_api_field_config.endpoint.v3.Endpoint.HealthCheckConfig.hostname> field.

CustomHealthCheck

Custom health check.

"name": string
"typedConfig": .google.protobuf.Any

Field Type Description Default
name string The registered name of the custom health checker.
typedConfig .google.protobuf.Any

TlsOptions

Health checks occur over the transport socket specified for the cluster. This implies that if a cluster is using a TLS-enabled transport socket, the health check will also occur over TLS.

This allows overriding the cluster TLS settings, just for health check connections.

"alpnProtocols": []string

Field Type Description Default
alpnProtocols []string Specifies the ALPN protocols for health check connections. This is useful if the corresponding upstream is using ALPN-based :ref:FilterChainMatch <envoy_api_msg_config.listener.v3.FilterChainMatch> along with different protocols for health checks versus data connections. If empty, no ALPN protocols will be set on health check connections.

HealthStatus

Description: Endpoint health status.

Name Description
UNKNOWN The health status is not known. This is interpreted by Envoy as HEALTHY.
HEALTHY Healthy.
UNHEALTHY Unhealthy.
DRAINING Connection draining in progress. E.g., <https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/>_ or <https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining>_. This is interpreted by Envoy as *UNHEALTHY*.
TIMEOUT Health check timed out. This is part of HDS and is interpreted by Envoy as UNHEALTHY.
DEGRADED Degraded.