package io.linkerd.proxy.outbound

Get desktop application:
View/edit binary Protocol Buffers messages

• rpc Get (TrafficSpec, OutboundPolicy)

  outbound.proto:17

• rpc Watch (TrafficSpec, stream OutboundPolicy)

  outbound.proto:19

Used in: GrpcRoute.RouteBackend, HttpRoute.RouteBackend, OpaqueRoute.RouteBackend, TlsRoute.RouteBackend

• optional meta.Metadata metadata = 1

• oneof kind

  • destination.WeightedAddr forward = 2

    A backend that consists of a single endpoint.

  • Backend.BalanceP2c balancer = 3

    A backend that comprises a load balanced service.

• optional Queue queue = 4

  Describes queue configuration for a backend.

Describes a power-of-two-choices (P2C) load balancer configuration for a backend.

Used in: Backend

• optional EndpointDiscovery discovery = 1

• oneof load

  The load estimation strategy used by this load balancer.

  • BalanceP2c.PeakEwma peak_ewma = 2

    This load balancer uses peak EWMA (exponentially weighted moving average) load estimates.

  • BalanceP2c.PenaltyPeakEwma penalty_peak_ewma = 3

    A variant of peak EWMA that injects artificial penalties based on response codes, enabling 429-aware load balancing.

Parameters configuring peak EWMA load estimation.

Used in: BalanceP2c

• optional google.protobuf.Duration default_rtt = 1

  Initial latency value used when no latencies have been recorded for an endpoint.

• optional google.protobuf.Duration decay = 2

  The duration of the moving window over which latency is observed.

Used in: BalanceP2c

• optional google.protobuf.Duration default_rtt = 1

  Initial latency value used when no latencies have been recorded for an endpoint.

• optional google.protobuf.Duration decay = 2

  The duration of the moving window over which latency is observed.

• optional google.protobuf.Duration penalty = 3

  The penalty duration to inject when a matching response is received.

• optional google.protobuf.Duration max_retry_after = 4

  The maximum duration to respect for Retry-After hints. Hints that exceed this value will be capped.

• optional google.protobuf.Duration penalty_decay = 5

  The EWMA decay window for the penalty.

A strategy for discovering endpoints for a service.

Used in: BalanceP2c

• oneof kind

  • EndpointDiscovery.DestinationGet dst = 1

    Use the `Destination` service to discover endpoints for this service.

Used in: EndpointDiscovery

• string path = 1

Pool-level ejection protection. Prevents circuit breakers from ejecting all endpoints in a load-balancing pool. Additional ejection parameters may follow in future fields.

Used in: FailureAccrual

• uint32 min_ready_endpoints = 1

  Minimum number of endpoints that must remain unejected. When set to 0 (or absent), ejection protection is disabled.

Used in: FailureAccrual.ConsecutiveFailures, FailureAccrual.Unified, GrpcRoute.Retry, HttpRoute.Retry

• optional google.protobuf.Duration min_backoff = 1

  The minimum amount of time to wait before resuming an operation.

• optional google.protobuf.Duration max_backoff = 2

  The maximum amount of time to wait before resuming an operation. Must be greater than or equal to min_backoff.

• float jitter_ratio = 3

  The ratio of the base timeout that may be randomly added to a backoff. Must be greater than or equal to 0.0.

• bool respect_retry_after_hint = 4

  If true, the proxy will use the Retry-After hint (if present on the response) as the initial backoff duration, clamped by min_backoff and max_backoff.

Configures failure accrual policies for circuit breaking. Setting a numeric policy field to zero disables that policy.

Used in: ProxyProtocol.Grpc, ProxyProtocol.Http1, ProxyProtocol.Http2

• oneof kind

  • FailureAccrual.ConsecutiveFailures consecutive_failures = 1

  • FailureAccrual.Unified unified = 2

• optional EjectionConfig ejection = 3

  Ejection protection for the pool. When set, prevents circuit breakers from ejecting endpoints below the configured floor.

Used in: FailureAccrual

• uint32 max_failures = 1

  Maximum consecutive failures before the circuit trips. Set to 0 to disable (an unset field has the same effect).

• optional ExponentialBackoff backoff = 2

  Must be set. Controls the ejection duration before probe requests are allowed after this policy trips the circuit.

Used in: FailureAccrual

• double success_rate_threshold = 1

  Success rate threshold in [0.0, 1.0]. The circuit trips when the EWMA success rate drops below this value. Set to 0.0 to disable. Defined as `double` (not `float`) because this value is compared against the proxy's f64 EWMA on every request.

• optional google.protobuf.Duration decay = 2

  EWMA decay window for success rate tracking.

• uint32 min_requests = 3

  Minimum requests before the success rate policy can trip (cold-start guard).

• uint32 max_consecutive_failures = 4

  Maximum consecutive failures before the circuit trips. Set to 0 to disable (an unset field has the same effect).

• optional ExponentialBackoff backoff = 5

  Must be set. Controls the ejection duration before probe requests are allowed after this policy trips the circuit.

Used in: ProxyProtocol.Grpc

• optional meta.Metadata metadata = 1

• repeated http_route.HostMatch hosts = 2

  If empty, the host value is ignored.

• repeated GrpcRoute.Rule rules = 3

  Must have at least one rule.

Used in: Rule

• oneof kind

  • Distribution.Empty empty = 1

  • Distribution.FirstAvailable first_available = 2

    Use the first available backend in the list.

  • Distribution.RandomAvailable random_available = 3

Used in: Distribution

(message has no fields)

Used in: Distribution

• repeated RouteBackend backends = 1

Used in: Distribution

• repeated WeightedRouteBackend backends = 1

Used in: RouteBackend, Rule

• oneof kind

  • grpc_route.GrpcFailureInjector failure_injector = 1

  • http_route.RequestHeaderModifier request_header_modifier = 2

Used in: Rule

• uint32 max_retries = 1

• uint32 max_request_bytes = 2

• optional Retry.Conditions conditions = 3

  Must be set, even if there are no internal conditions.

• optional google.protobuf.Duration timeout = 4

• optional ExponentialBackoff backoff = 5

Retryable gRPC status codes.

Used in: Retry

• bool cancelled = 1

• bool deadine_exceeded = 4

• bool resource_exhausted = 8

• bool internal = 13

• bool unavailable = 14

Used in: Distribution.FirstAvailable, WeightedRouteBackend

• optional Backend backend = 1

• repeated Filter filters = 3

• optional google.protobuf.Duration requestTimeout = 4

  DEPRECATED: proxies ignore this. Retry timeouts are used instead of this.

Used in: GrpcRoute

• repeated grpc_route.GrpcRouteMatch matches = 1

• repeated Filter filters = 2

• optional Distribution backends = 3

• optional google.protobuf.Duration requestTimeout = 4

  DEPRECATED: use `timeouts` instead. Servers should continue to set this value to the same value as `timeouts.response`.

• optional http_route.Timeouts timeouts = 5

• optional Retry retry = 6

• bool allow_l5d_request_headers = 7

  If true, the proxy will allow headers to control retry and timeout behavior.

Used in: Distribution.RandomAvailable

• optional RouteBackend backend = 1

• uint32 weight = 2

Outbound-specific HTTP route configuration (based on the [Gateway API](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1alpha2.HTTPRoute)).

Used in: ProxyProtocol.Http1, ProxyProtocol.Http2

• optional meta.Metadata metadata = 1

• repeated http_route.HostMatch hosts = 2

  If empty, the host value is ignored.

• repeated HttpRoute.Rule rules = 3

  Must have at least one rule.

Used in: Rule

• oneof kind

  • Distribution.Empty empty = 1

  • Distribution.FirstAvailable first_available = 2

    Use the first available backend in the list.

  • Distribution.RandomAvailable random_available = 3

Used in: Distribution

(message has no fields)

Used in: Distribution

• repeated RouteBackend backends = 1

Used in: Distribution

• repeated WeightedRouteBackend backends = 1

Used in: RouteBackend, Rule

• oneof kind

  • http_route.HttpFailureInjector failure_injector = 1

  • http_route.RequestHeaderModifier request_header_modifier = 2

  • http_route.RequestRedirect redirect = 3

  • http_route.ResponseHeaderModifier response_header_modifier = 4

Used in: Rule

• uint32 max_retries = 1

• uint32 max_request_bytes = 2

• optional Retry.Conditions conditions = 3

  Must be set, even if there are no internal conditions.

• optional google.protobuf.Duration timeout = 4

• optional ExponentialBackoff backoff = 5

Retryable conditions.

Used in: Retry

• repeated Conditions.StatusRange status_ranges = 1

  Specifies the status code ranges that should trigger a retry.

Used in: Conditions

• uint32 start = 1

• uint32 end = 2

Used in: Distribution.FirstAvailable, WeightedRouteBackend

• optional Backend backend = 1

• repeated Filter filters = 3

• optional google.protobuf.Duration requestTimeout = 4

  DEPRECATED: proxies ignore this. Use Retry timeouts instead.

Used in: HttpRoute

• repeated http_route.HttpRouteMatch matches = 1

• repeated Filter filters = 2

• optional Distribution backends = 3

• optional google.protobuf.Duration requestTimeout = 4

  DEPRECATED: use `timeouts` instead. Servers should continue to set this value to the same value as `timeouts.response`.

• optional http_route.Timeouts timeouts = 5

• optional Retry retry = 6

• bool allow_l5d_request_headers = 7

  If true, the proxy will allow headers to control retry and timeout behavior.

Used in: Distribution.RandomAvailable

• optional RouteBackend backend = 1

• uint32 weight = 2

Used in: ProxyProtocol.Opaque

• optional meta.Metadata metadata = 1

• repeated OpaqueRoute.Rule rules = 3

  Must have at least one rule.

Used in: Rule

• oneof kind

  • Distribution.Empty empty = 1

  • Distribution.FirstAvailable first_available = 2

    Use the first available backend in the list.

  • Distribution.RandomAvailable random_available = 3

Used in: Distribution

(message has no fields)

Used in: Distribution

• repeated RouteBackend backends = 1

Used in: Distribution

• repeated WeightedRouteBackend backends = 1

Used in: RouteBackend, Rule

• oneof kind

  • opaque_route.Invalid invalid = 1

  • opaque_route.Forbidden forbidden = 2

Used in: Distribution.FirstAvailable, WeightedRouteBackend

• optional Backend backend = 1

• repeated Filter filters = 3

Used in: OpaqueRoute

• optional Distribution backends = 1

• repeated Filter filters = 2

Used in: Distribution.RandomAvailable

• optional RouteBackend backend = 1

• uint32 weight = 2

Outbound policy for a given traffic spec.

Used as response type in: OutboundPolicies.Get, OutboundPolicies.Watch

• optional ProxyProtocol protocol = 1

  Indicates the protocol to use for this target. This will be set to Opaque if the target has been marked as opaque and will be Discover otherwise.

• optional meta.Metadata metadata = 2

  Describes the resource for which outbound policy has been discovered.

Used in: OutboundPolicy

• oneof kind

  • ProxyProtocol.Detect detect = 1

  • ProxyProtocol.Opaque opaque = 2

  • ProxyProtocol.Http1 http1 = 3

    HTTP/1 policy configuration.

  • ProxyProtocol.Http2 http2 = 4

    HTTP/2 policy configuration.

  • ProxyProtocol.Grpc grpc = 5

    gRPC policy configuration.

  • ProxyProtocol.Tls tls = 6

    TLS policy configuration.

Used in: ProxyProtocol

• optional google.protobuf.Duration timeout = 1

  Protocol detection timeout.

• optional Opaque opaque = 2

• optional Http1 http1 = 3

  HTTP/1 policy configuration.

• optional Http2 http2 = 4

  HTTP/2 policy configuration.

Used in: ProxyProtocol

• repeated GrpcRoute routes = 1

• optional FailureAccrual failure_accrual = 2

  If empty, circuit breaking is not performed.

Used in: ProxyProtocol, Detect

• repeated HttpRoute routes = 1

• optional FailureAccrual failure_accrual = 2

  If empty, circuit breaking is not performed.

Used in: ProxyProtocol, Detect

• repeated HttpRoute routes = 1

• optional FailureAccrual failure_accrual = 2

  If empty, circuit breaking is not performed.

Used in: ProxyProtocol, Detect

• repeated OpaqueRoute routes = 1

Used in: ProxyProtocol

• repeated TlsRoute routes = 1

Used in: Backend

• uint32 capacity = 1

  The number of requests that may be held in a queue before backpressure is exerted.

• optional google.protobuf.Duration failfast_timeout = 2

  A timeout that limits how long a backend may remain unready before any requests in its queue are failed.

Used in: ProxyProtocol.Tls

• optional meta.Metadata metadata = 1

• repeated tls_route.SniMatch snis = 2

  If empty, the SNI value is ignored.

• repeated TlsRoute.Rule rules = 3

  Must have at least one rule.

Used in: Rule

• oneof kind

  • Distribution.Empty empty = 1

  • Distribution.FirstAvailable first_available = 2

    Use the first available backend in the list.

  • Distribution.RandomAvailable random_available = 3

Used in: Distribution

(message has no fields)

Used in: Distribution

• repeated RouteBackend backends = 1

Used in: Distribution

• repeated WeightedRouteBackend backends = 1

Used in: RouteBackend, Rule

• oneof kind

  • opaque_route.Invalid invalid = 1

  • opaque_route.Forbidden forbidden = 2

Used in: Distribution.FirstAvailable, WeightedRouteBackend

• optional Backend backend = 1

• repeated Filter filters = 3

Used in: TlsRoute

• optional Distribution backends = 1

• repeated Filter filters = 2

Used in: Distribution.RandomAvailable

• optional RouteBackend backend = 1

• uint32 weight = 2

Used as request type in: OutboundPolicies.Get, OutboundPolicies.Watch

• string source_workload = 1

  Uniquely identifies the source proxy workload (e.g., pod name) to the control plane.

• oneof target

  Describes a target address, as observed by the proxy.

  • net.TcpAddress addr = 2

    Indicates the proxy is connecting to a specific IP:port.

  • string authority = 3

    Indicates the proxy is connecting to a named address (like an HTTP authority).