
@dicarlo2
Created February 8, 2019 01:07
{
"name": "10.0.3.50_3000",
"address": {
"socketAddress": {
"address": "10.0.3.50",
"portValue": 3000
}
},
"filterChains": [
{
"tlsContext": {
"commonTlsContext": {
"tlsCertificates": [
{
"certificateChain": {
"filename": "/etc/certs/cert-chain.pem"
},
"privateKey": {
"filename": "/etc/certs/key.pem"
}
}
],
"validationContext": {
"trustedCa": {
"filename": "/etc/certs/root-cert.pem"
}
},
"alpnProtocols": [
"h2",
"http/1.1"
]
},
"requireClientCertificate": true
},
"filters": [
{
"name": "envoy.http_connection_manager",
"config": {
"access_log": [
{
"config": {
"json_format": {
"authority": "%REQ(:AUTHORITY)%",
"bytes_received": "%BYTES_RECEIVED%",
"bytes_sent": "%BYTES_SENT%",
"downstream_local_address": "%DOWNSTREAM_LOCAL_ADDRESS%",
"downstream_remote_address": "%DOWNSTREAM_REMOTE_ADDRESS%",
"duration": "%DURATION%",
"method": "%START_TIME%",
"path": "%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%",
"protocol": "%PROTOCOL%",
"request_id": "%REQ(X-REQUEST-ID)%",
"requested_server_name": "%REQUESTED_SERVER_NAME%",
"response_code": "%RESPONSE_CODE%",
"response_flags": "%RESPONSE_FLAGS%",
"start_time": "%START_TIME%",
"upstream_cluster": "%UPSTREAM_CLUSTER%",
"upstream_host": "%UPSTREAM_HOST%",
"upstream_local_address": "%UPSTREAM_LOCAL_ADDRESS%",
"upstream_service_time": "%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%",
"user_agent": "%REQ(USER-AGENT)%",
"x_forwarded_for": "%REQ(X-FORWARDED-FOR)%"
},
"path": "/dev/stdout"
},
"name": "envoy.file_access_log"
}
],
"forward_client_cert_details": "APPEND_FORWARD",
"generate_request_id": true,
"http_filters": [
{
"config": {
"policy": {
"peers": [
{
"mtls": {}
}
]
}
},
"name": "istio_authn"
},
{
"config": {
"rules": {
"policies": {
"kiali.monitoring-potato-beetle-grafana.monitoring-potato-beetle": {
"permissions": [
{
"and_rules": {
"rules": [
{
"or_rules": {
"rules": [
{
"header": {
"exact_match": "GET",
"name": ":method"
}
}
]
}
},
{
"or_rules": {
"rules": [
{
"destination_port": 3000
}
]
}
}
]
}
}
],
"principals": [
{
"and_ids": {
"ids": [
{
"metadata": {
"filter": "istio_authn",
"path": [
{
"key": "source.principal"
}
],
"value": {
"string_match": {
"exact": "cluster.local/ns/monitoring-potato-beetle/sa/kiali-service-account"
}
}
}
}
]
}
}
]
},
"prometheus.monitoring-potato-beetle-grafana.monitoring-potato-beetle.secure": {
"permissions": [
{
"and_rules": {
"rules": [
{
"or_rules": {
"rules": [
{
"header": {
"exact_match": "GET",
"name": ":method"
}
}
]
}
},
{
"or_rules": {
"rules": [
{
"destination_port": 3000
}
]
}
}
]
}
}
],
"principals": [
{
"and_ids": {
"ids": [
{
"metadata": {
"filter": "istio_authn",
"path": [
{
"key": "source.principal"
}
],
"value": {
"string_match": {
"exact": "cluster.local/ns/monitoring-potato-beetle/sa/prometheus-service-account"
}
}
}
}
]
}
}
]
},
"sso-proxy.ingress-grafana.monitoring-potato-beetle": {
"permissions": [
{
"and_rules": {
"rules": [
{
"or_rules": {
"rules": [
{
"header": {
"name": ":method",
"present_match": true
}
}
]
}
},
{
"or_rules": {
"rules": [
{
"destination_port": 3000
}
]
}
}
]
}
}
],
"principals": [
{
"and_ids": {
"ids": [
{
"metadata": {
"filter": "istio_authn",
"path": [
{
"key": "source.principal"
}
],
"value": {
"string_match": {
"exact": "cluster.local/ns/ingress/sa/sso-proxy-service-account"
}
}
}
}
]
}
}
]
}
}
}
},
"name": "envoy.filters.http.rbac"
},
{
"config": {
"default_destination_service": "default",
"mixer_attributes": {
"attributes": {
"context.reporter.kind": {
"string_value": "inbound"
},
"context.reporter.uid": {
"string_value": "kubernetes://grafana-0.monitoring-potato-beetle"
},
"destination.ip": {
"bytes_value": "AAAAAAAAAAAAAP//CgADMg=="
},
"destination.namespace": {
"string_value": "monitoring-potato-beetle"
},
"destination.port": {
"int64_value": "3000"
},
"destination.uid": {
"string_value": "kubernetes://grafana-0.monitoring-potato-beetle"
}
}
},
"service_configs": {
"default": {}
},
"transport": {
"check_cluster": "outbound|15004||istio-policy.istio-system.svc.cluster.local",
"network_fail_policy": {
"policy": "FAIL_CLOSE"
},
"report_cluster": "outbound|15004||istio-telemetry.istio-system.svc.cluster.local"
}
},
"name": "mixer"
},
{
"name": "envoy.cors"
},
{
"name": "envoy.fault"
},
{
"name": "envoy.router"
}
],
"route_config": {
"name": "inbound|3000|http-prom|grafana-0.monitoring-potato-beetle.svc.cluster.local",
"validate_clusters": false,
"virtual_hosts": [
{
"domains": [
"*"
],
"name": "inbound|http|3000",
"routes": [
{
"decorator": {
"operation": "grafana-0.monitoring-potato-beetle.svc.cluster.local:3000/*"
},
"match": {
"prefix": "/"
},
"per_filter_config": {
"mixer": {
"mixer_attributes": {
"attributes": {
"destination.service.host": {
"string_value": "grafana-0.monitoring-potato-beetle.svc.cluster.local"
},
"destination.service.name": {
"string_value": "grafana-0"
},
"destination.service.namespace": {
"string_value": "monitoring-potato-beetle"
},
"destination.service.uid": {
"string_value": "istio://monitoring-potato-beetle/services/grafana-0"
}
}
}
}
},
"route": {
"cluster": "inbound|3000|http-prom|grafana-0.monitoring-potato-beetle.svc.cluster.local",
"max_grpc_timeout": "0s",
"timeout": "0s"
}
}
]
}
]
},
"server_name": "istio-envoy",
"set_current_client_cert_details": {
"dns": true,
"subject": true,
"uri": true
},
"stat_prefix": "10.0.3.50_3000",
"stream_idle_timeout": "0s",
"tracing": {
"client_sampling": {
"value": 100
},
"overall_sampling": {
"value": 100
},
"random_sampling": {
"value": 100
}
},
"upgrade_configs": [
{
"upgrade_type": "websocket"
}
],
"use_remote_address": false
}
}
]
}
],
"deprecatedV1": {
"bindToPort": false
},
"listenerFilters": [
{
"name": "envoy.listener.tls_inspector"
}
]
},