GreyMatter.io
Twitter
GitHub
Support
Overview
Release Notes
Use Cases
Architecture
Installation
Set up the CLI
Install on Kubernetes
Guides
Deploy a Service
Remove a Service
Security
Fabric
Data-Mesh
AWS
Application Development Guide
Usage
Application
Protocols
Inline Documentation
Configuration
Control Panel
Business Impact
SLO
Service Status
Service Discovery
Traffic Control
Security
Telemetry
Platform Services
Troubleshooting
Reference
API
CLI
Setup
Artifacts
System Requirements
Standards and Compliance
Glossary
1.3 Migration Guide
Powered by GitBook

Protocols

Protocols

The dashboard displays one or more protocols for each service. Protocols are determined for each listener announced in the mesh. Note that multiple listeners may be configured for each service, each with distinct protocol types.

Protocols are shown as badges on the service cards/list items, separated by commas. Services can be filtered, grouped, and sorted on all of the following protocols.

Plaintext Protocols

Protocols are identified as plaintext if the following criteria are true:

  • ssl_config is not set on the domain​

  • force_https is set to false on the domain​

HTTP

In addition to the plaintext protocol requirements listed above, a service is labeled as HTTP if:

HTTP2

In addition to the plaintext protocol requirements listed above, a service is labeled as HTTP2 if:

WebSocket

In addition to the plaintext protocol requirements listed above, a service is labeled as WebSocket if upgrades: "websocket" is set on the proxy.

TCP

In addition to the plaintext protocol requirements listed above, a service is labeled as TCP if envoy.tcp_proxy is included in the active_network_filters array on the listener.

Mongo

In addition to the plaintext protocol requirements listed above, a service is labeled as Mongo if envoy.mongo_proxy is included in the active_network_filters array on the listener.

Redis

In addition to the plaintext protocol requirements listed above, a service is labeled as Redis if envoy.redis_proxy is included in the active_network_filters array on the listener.

Kafka

In addition to the plaintext protocol requirements listed above, a service is labeled as Kafka if envoy.kafka_broker is included in the active_network_filters array on the listener.

Dubbo

In addition to the plaintext protocol requirements listed above, a service is labeled as Dubbo if envoy.dubbo_proxy is included in the active_network_filters array on the listener.

MySQL

In addition to the plaintext protocol requirements listed above, a service is labeled as MySQL if envoy.mysql_proxy is included in the active_network_filters array on the listener.

Zookeeper

In addition to the plaintext protocol requirements listed above, a service is labeled as Zookeeper if envoy.filters.network.zookeeper_proxy is included in the active_network_filters array on the listener.

Thrift

In addition to the plaintext protocol requirements listed above, a service is labeled as Thrift if envoy.thrift_proxy is included in the active_network_filters array on the listener.

TLS Protocols

Protocols are identified as using TLS if one of the following is true:

  • force_https is set to true on the domain​

  • ssl_config is set on the domain and ssl_config.require_client_certs is true

TLS/HTTP

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/HTTP if:

TLS/HTTP2

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/HTTP2 if:

TLS/WebSocket

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/WebSocket if upgrades: "websocket" is set on the proxy.

TLS/TCP

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/TCP if envoy.tcp_proxy is included in the active_network_filters array on the listener.

TLS/Mongo

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Mongo if envoy.mongo_proxy is included in the active_network_filters array on the listener.

TLS/Redis

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Redis if envoy.redis_proxy is included in the active_network_filters array on the listener.

TLS/Kafka

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Kafka if envoy.kafka_broker is included in the active_network_filters array on the listener.

TLS/Dubbo

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Dubbo if envoy.dubbo_proxy is included in the active_network_filters array on the listener.

TLS/MySQL

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/MySQL if envoy.mysql_proxy is included in the active_network_filters array on the listener.

TLS/Zookeeper

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Zookeeper if envoy.filters.network.zookeeper_proxy is included in the active_network_filters array on the listener.

TLS/Thrift

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Thrift if envoy.thrift_proxy is included in the active_network_filters array on the listener.

Mutual TLS Protocols

Protocols are identified as using mTLS if one of the following is true:

  • ssl_config is set on the domain and ssl_config.trust_file is configured

  • listener.secret.subjects is configured on the listener​

mTLS/HTTP

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/HTTP if:

mTLS/HTTP2

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/HTTP2 if:

mTLS/WebSocket

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/WebSocket if upgrades: "websocket" is set on the proxy.

mTLS/TCP

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/TCP if envoy.tcp_proxy is included in the active_network_filters array on the listener.

mTLS/Mongo

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Mongo if envoy.mongo_proxy is included in the active_network_filters array on the listener.

mTLS/Redis

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Redis if envoy.redis_proxy is included in the active_network_filters array on the listener.

mTLS/Kafka

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Kafka if envoy.kafka_broker is included in the active_network_filters array on the listener.

mTLS/Dubbo

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Dubbo if envoy.dubbo_proxy is included in the active_network_filters array on the listener.

mTLS/MySQL

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/MySQL if envoy.mysql_proxy is included in the active_network_filters array on the listener.

mTLS/Zookeeper

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Zookeeper if envoy.filters.network.zookeeper_proxy is included in the active_network_filters array on the listener.

mTLS/Thrift

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Thrift if envoy.thrift_proxy is included in the active_network_filters array on the listener.

Usage - Previous
Application
Next
Inline Documentation
Last updated 5 months ago
Contents
Plaintext Protocols
HTTP
HTTP2
WebSocket
TCP
Mongo
Redis
Kafka
Dubbo
MySQL
Zookeeper
Thrift
TLS Protocols
TLS/HTTP
TLS/HTTP2
TLS/WebSocket
TLS/TCP
TLS/Mongo
TLS/Redis
TLS/Kafka
TLS/Dubbo
TLS/MySQL
TLS/Zookeeper
TLS/Thrift
Mutual TLS Protocols
mTLS/HTTP
mTLS/HTTP2
mTLS/WebSocket
mTLS/TCP
mTLS/Mongo
mTLS/Redis
mTLS/Kafka
mTLS/Dubbo
mTLS/MySQL
mTLS/Zookeeper
mTLS/Thrift