Protocols

Protocols

The dashboard displays one or more protocols for each service. Protocols are determined for each listener announced in the mesh. Note that multiple listeners may be configured for each service, each with distinct protocol types.

Protocols are shown as badges on the service cards/list items, separated by commas. Services can be filtered, grouped, and sorted on all of the following protocols.

Plaintext Protocols

Protocols are identified as plaintext if the following criteria are true:

  • ssl_config is not set on the domain

  • force_https is set to false on the domain

HTTP

In addition to the plaintext protocol requirements listed above, a service is labeled as HTTP if:

HTTP2

In addition to the plaintext protocol requirements listed above, a service is labeled as HTTP2 if:

WebSocket

In addition to the plaintext protocol requirements listed above, a service is labeled as WebSocket if upgrades: "websocket" is set on the proxy.

TCP

In addition to the plaintext protocol requirements listed above, a service is labeled as TCP if envoy.tcp_proxy is included in the active_network_filters array on the listener.

Mongo

In addition to the plaintext protocol requirements listed above, a service is labeled as Mongo if envoy.mongo_proxy is included in the active_network_filters array on the listener.

Redis

In addition to the plaintext protocol requirements listed above, a service is labeled as Redis if envoy.redis_proxy is included in the active_network_filters array on the listener.

Kafka

In addition to the plaintext protocol requirements listed above, a service is labeled as Kafka if envoy.kafka_broker is included in the active_network_filters array on the listener.

Dubbo

In addition to the plaintext protocol requirements listed above, a service is labeled as Dubbo if envoy.dubbo_proxy is included in the active_network_filters array on the listener.

MySQL

In addition to the plaintext protocol requirements listed above, a service is labeled as MySQL if envoy.mysql_proxy is included in the active_network_filters array on the listener.

Zookeeper

In addition to the plaintext protocol requirements listed above, a service is labeled as Zookeeper if envoy.filters.network.zookeeper_proxy is included in the active_network_filters array on the listener.

Thrift

In addition to the plaintext protocol requirements listed above, a service is labeled as Thrift if envoy.thrift_proxy is included in the active_network_filters array on the listener.

TLS Protocols

Protocols are identified as using TLS if one of the following is true:

  • force_https is set to true on the domain

  • ssl_config is set on the domain and ssl_config.require_client_certs is true

TLS/HTTP

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/HTTP if:

TLS/HTTP2

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/HTTP2 if:

TLS/WebSocket

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/WebSocket if upgrades: "websocket" is set on the proxy.

TLS/TCP

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/TCP if envoy.tcp_proxy is included in the active_network_filters array on the listener.

TLS/Mongo

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Mongo if envoy.mongo_proxy is included in the active_network_filters array on the listener.

TLS/Redis

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Redis if envoy.redis_proxy is included in the active_network_filters array on the listener.

TLS/Kafka

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Kafka if envoy.kafka_broker is included in the active_network_filters array on the listener.

TLS/Dubbo

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Dubbo if envoy.dubbo_proxy is included in the active_network_filters array on the listener.

TLS/MySQL

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/MySQL if envoy.mysql_proxy is included in the active_network_filters array on the listener.

TLS/Zookeeper

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Zookeeper if envoy.filters.network.zookeeper_proxy is included in the active_network_filters array on the listener.

TLS/Thrift

In addition to the TLS protocol requirements listed above, a service is labeled as TLS/Thrift if envoy.thrift_proxy is included in the active_network_filters array on the listener.

Mutual TLS Protocols

Protocols are identified as using mTLS if one of the following is true:

  • ssl_config is set on the domain and ssl_config.trust_file is configured

  • listener.secret.subjects is configured on the listener

mTLS/HTTP

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/HTTP if:

mTLS/HTTP2

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/HTTP2 if:

mTLS/WebSocket

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/WebSocket if upgrades: "websocket" is set on the proxy.

mTLS/TCP

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/TCP if envoy.tcp_proxy is included in the active_network_filters array on the listener.

mTLS/Mongo

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Mongo if envoy.mongo_proxy is included in the active_network_filters array on the listener.

mTLS/Redis

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Redis if envoy.redis_proxy is included in the active_network_filters array on the listener.

mTLS/Kafka

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Kafka if envoy.kafka_broker is included in the active_network_filters array on the listener.

mTLS/Dubbo

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Dubbo if envoy.dubbo_proxy is included in the active_network_filters array on the listener.

mTLS/MySQL

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/MySQL if envoy.mysql_proxy is included in the active_network_filters array on the listener.

mTLS/Zookeeper

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Zookeeper if envoy.filters.network.zookeeper_proxy is included in the active_network_filters array on the listener.

mTLS/Thrift

In addition to the mTLS protocol requirements listed above, a service is labeled as mTLS/Thrift if envoy.thrift_proxy is included in the active_network_filters array on the listener.