The dashboard displays one or more protocols for each service. Protocols are determined for each listener announced in the mesh. Note that multiple listeners may be configured for each service, each with distinct protocol types.
Protocols are shown as badges on the service cards/list items, separated by commas. Services can be filtered, grouped, and sorted on all of the following protocols.
Protocols are identified as plaintext if the following criteria are true:
In addition to the plaintext protocol requirements listed above, a service is labeled as HTTP if:
No network layer protocols have been been configured
http2_protocol_options
is not set on the listener
In addition to the plaintext protocol requirements listed above, a service is labeled as HTTP2 if:
No network layer protocols have been been configured
http2_protocol_options
is set on the listener
In addition to the plaintext protocol requirements listed above, a service is labeled as WebSocket if upgrades: "websocket"
is set on the proxy.
In addition to the plaintext protocol requirements listed above, a service is labeled as TCP
if envoy.tcp_proxy
is included in the active_network_filters
array on the listener.
In addition to the plaintext protocol requirements listed above, a service is labeled as Mongo
if envoy.mongo_proxy
is included in the active_network_filters
array on the listener.
In addition to the plaintext protocol requirements listed above, a service is labeled as Redis
if envoy.redis_proxy
is included in the active_network_filters
array on the listener.
In addition to the plaintext protocol requirements listed above, a service is labeled as Kafka
if envoy.kafka_broker
is included in the active_network_filters
array on the listener.
In addition to the plaintext protocol requirements listed above, a service is labeled as Dubbo
if envoy.dubbo_proxy
is included in the active_network_filters
array on the listener.
In addition to the plaintext protocol requirements listed above, a service is labeled as MySQL
if envoy.mysql_proxy
is included in the active_network_filters
array on the listener.
In addition to the plaintext protocol requirements listed above, a service is labeled as Zookeeper
if envoy.filters.network.zookeeper_proxy
is included in the active_network_filters
array on the listener.
In addition to the plaintext protocol requirements listed above, a service is labeled as Thrift
if envoy.thrift_proxy
is included in the active_network_filters
array on the listener.
Protocols are identified as using TLS if one of the following is true:
force_https
is set to true
on the domain
ssl_config
is set on the domain and ssl_config.require_client_certs
is true
In addition to the TLS protocol requirements listed above, a service is labeled as TLS/HTTP if:
No network layer protocols have been been configured
http2_protocol_options
is not set on the listener
In addition to the TLS protocol requirements listed above, a service is labeled as TLS/HTTP2 if:
No network layer protocols have been been configured
http2_protocol_options
is set on the listener
In addition to the TLS protocol requirements listed above, a service is labeled as TLS/WebSocket if upgrades: "websocket"
is set on the proxy.
In addition to the TLS protocol requirements listed above, a service is labeled as TLS/TCP if envoy.tcp_proxy
is included in the active_network_filters
array on the listener.
In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Mongo if envoy.mongo_proxy
is included in the active_network_filters
array on the listener.
In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Redis if envoy.redis_proxy
is included in the active_network_filters
array on the listener.
In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Kafka if envoy.kafka_broker
is included in the active_network_filters
array on the listener.
In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Dubbo if envoy.dubbo_proxy
is included in the active_network_filters
array on the listener.
In addition to the TLS protocol requirements listed above, a service is labeled as TLS/MySQL if envoy.mysql_proxy
is included in the active_network_filters
array on the listener.
In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Zookeeper if envoy.filters.network.zookeeper_proxy
is included in the active_network_filters
array on the listener.
In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Thrift if envoy.thrift_proxy
is included in the active_network_filters
array on the listener.
Protocols are identified as using mTLS if one of the following is true:
ssl_config
is set on the domain and ssl_config.trust_file
is configured
listener.secret.subjects
is configured on the listener
In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/HTTP if:
No network layer protocols have been been configured
http2_protocol_options
is not set on the listener
In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/HTTP2 if:
No network layer protocols have been been configured
http2_protocol_options
is set on the listener
In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/WebSocket if upgrades: "websocket"
is set on the proxy.
In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/TCP if envoy.tcp_proxy
is included in the active_network_filters
array on the listener.
In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Mongo if envoy.mongo_proxy
is included in the active_network_filters
array on the listener.
In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Redis if envoy.redis_proxy
is included in the active_network_filters
array on the listener.
In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Kafka if envoy.kafka_broker
is included in the active_network_filters
array on the listener.
In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Dubbo if envoy.dubbo_proxy
is included in the active_network_filters
array on the listener.
In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/MySQL if envoy.mysql_proxy
is included in the active_network_filters
array on the listener.
In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Zookeeper if envoy.filters.network.zookeeper_proxy
is included in the active_network_filters
array on the listener.
In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Thrift if envoy.thrift_proxy
is included in the active_network_filters
array on the listener.