MeshCircuitBreaker

Spec is the specification of the Kuma MeshCircuitBreaker resource.

Type: object

Properties

• from

  • From list makes a match between clients and corresponding configurations

  • Type: array

    • Items

    • Type: object

    • Properties

      • default

        • Default is a configuration specific to the group of destinationsreferenced in 'targetRef'
        • Type: object
        • Properties
          • connectionLimits
            • ConnectionLimits contains configuration of each circuit breaking limit,which when exceeded makes the circuit breaker to become open (no trafficis allowed like no current is allowed in the circuits when physicalcircuit breaker ir open)
            • Type: object
            • Properties
              • maxConnectionPools
                • The maximum number of connection pools per cluster that are concurrentlysupported at once. Set this for clusters which create a large number ofconnection pools.
                • Type: integer
              • maxConnections
                • The maximum number of connections allowed to be made to the upstreamcluster.
                • Type: integer
              • maxPendingRequests
                • The maximum number of pending requests that are allowed to the upstreamcluster. This limit is applied as a connection limit for non-HTTPtraffic.
                • Type: integer
              • maxRequests
                • The maximum number of parallel requests that are allowed to be madeto the upstream cluster. This limit does not apply to non-HTTP traffic.
                • Type: integer
              • maxRetries
                • The maximum number of parallel retries that will be allowed tothe upstream cluster.
                • Type: integer
          • outlierDetection
            • OutlierDetection contains the configuration of the process of dynamicallydetermining whether some number of hosts in an upstream cluster areperforming unlike the others and removing them from the healthy loadbalancing set. Performance might be along different axes such asconsecutive failures, temporal success rate, temporal latency, etc.Outlier detection is a form of passive health checking.
            • Type: object
            • Properties
              • baseEjectionTime
                • The base time that a host is ejected for. The real time is equal tothe base time multiplied by the number of times the host has beenejected.
                • Type: string
              • detectors
                • Contains configuration for supported outlier detectors
                • Type: object
                • Properties
                  • failurePercentage
                    • Failure Percentage based outlier detection functions similarly to successrate detection, in that it relies on success rate data from each host ina cluster. However, rather than compare those values to the mean successrate of the cluster as a whole, they are compared to a flatuser-configured threshold. This threshold is configured via theoutlierDetection.failurePercentageThreshold field.The other configuration fields for failure percentage based detection aresimilar to the fields for success rate detection. As with success ratedetection, detection will not be performed for a host if its requestvolume over the aggregation interval is less than theoutlierDetection.detectors.failurePercentage.requestVolume value.Detection also will not be performed for a cluster if the number of hostswith the minimum required request volume in an interval is less than theoutlierDetection.detectors.failurePercentage.minimumHosts value.
                    • Type: object
                    • Properties
                      • minimumHosts
                        • The minimum number of hosts in a cluster in order to perform failurepercentage-based ejection. If the total number of hosts in the cluster isless than this value, failure percentage-based ejection will not beperformed.
                        • Type: integer
                      • requestVolume
                        • The minimum number of total requests that must be collected in oneinterval (as defined by the interval duration above) to perform failurepercentage-based ejection for this host. If the volume is lower than thissetting, failure percentage-based ejection will not be performed for thishost.
                        • Type: integer
                      • threshold
                        • The failure percentage to use when determining failure percentage-basedoutlier detection. If the failure percentage of a given host is greaterthan or equal to this value, it will be ejected.
                        • Type: integer
                  • gatewayFailures
                    • In the default mode (outlierDetection.splitExternalLocalOriginErrors isfalse) this detection type takes into account a subset of 5xx errors,called "gateway errors" (502, 503 or 504 status code) and local originfailures, such as timeout, TCP reset etc.In split mode (outlierDetection.splitExternalLocalOriginErrors is true)this detection type takes into account a subset of 5xx errors, called"gateway errors" (502, 503 or 504 status code) and is supported only bythe http router.
                    • Type: object
                    • Properties
                      • consecutive
                        • The number of consecutive gateway failures (502, 503, 504 status codes)before a consecutive gateway failure ejection occurs.
                        • Type: integer
                  • localOriginFailures
                    • This detection type is enabled only whenoutlierDetection.splitExternalLocalOriginErrors is true and takes intoaccount only locally originated errors (timeout, reset, etc).If Envoy repeatedly cannot connect to an upstream host or communicationwith the upstream host is repeatedly interrupted, it will be ejected.Various locally originated problems are detected: timeout, TCP reset,ICMP errors, etc. This detection type is supported by http router andtcp proxy.
                    • Type: object
                    • Properties
                      • consecutive
                        • The number of consecutive locally originated failures before ejectionoccurs. Parameter takes effect only when splitExternalAndLocalErrorsis set to true.
                        • Type: integer
                  • successRate
                    • Success Rate based outlier detection aggregates success rate data fromevery host in a cluster. Then at given intervals ejects hosts based onstatistical outlier detection. Success Rate outlier detection will not becalculated for a host if its request volume over the aggregation intervalis less than the outlierDetection.detectors.successRate.requestVolumevalue.Moreover, detection will not be performed for a cluster if the number ofhosts with the minimum required request volume in an interval is lessthan the outlierDetection.detectors.successRate.minimumHosts value.In the default configuration mode(outlierDetection.splitExternalLocalOriginErrors is false) this detectiontype takes into account all types of errors: locally and externallyoriginated.In split mode (outlierDetection.splitExternalLocalOriginErrors is true),locally originated errors and externally originated (transaction) errorsare counted and treated separately.
                    • Type: object
                    • Properties
                      • minimumHosts
                        • The number of hosts in a cluster that must have enough request volume todetect success rate outliers. If the number of hosts is less than thissetting, outlier detection via success rate statistics is not performedfor any host in the cluster.
                        • Type: integer
                      • requestVolume
                        • The minimum number of total requests that must be collected in oneinterval (as defined by the interval duration configured inoutlierDetection section) to include this host in success rate basedoutlier detection. If the volume is lower than this setting, outlierdetection via success rate statistics is not performed for that host.
                        • Type: integer
                      • standardDeviationFactor
                        • *This factor is used to determine the ejection threshold for success rateoutlier ejection. The ejection threshold is the difference betweenthe mean success rate, and the product of this factor and the standarddeviation of the mean success rate: mean - (standarddeviation *successratestandarddeviation_factor).Either int or decimal represented as string.*
                  • totalFailures
                    • In the default mode (outlierDetection.splitExternalAndLocalErrors isfalse) this detection type takes into account all generated errors:locally originated and externally originated (transaction) errors.In split mode (outlierDetection.splitExternalLocalOriginErrors is true)this detection type takes into account only externally originated(transaction) errors, ignoring locally originated errors.If an upstream host is an HTTP-server, only 5xx types of error are takeninto account (see Consecutive Gateway Failure for exceptions).Properly formatted responses, even when they carry an operational error(like index not found, access denied) are not taken into account.
                    • Type: object
                    • Properties
                      • consecutive
                        • The number of consecutive server-side error responses (for HTTP traffic,5xx responses; for TCP traffic, connection failures; for Redis, failureto respond PONG; etc.) before a consecutive total failure ejectionoccurs.
                        • Type: integer
              • disabled
                • When set to true, outlierDetection configuration won't take any effect
                • Type: boolean
              • interval
                • The time interval between ejection analysis sweeps. This can result inboth new ejections and hosts being returned to service.
                • Type: string
              • maxEjectionPercent
                • The maximum % of an upstream cluster that can be ejected due to outlierdetection. Defaults to 10% but will eject at least one host regardless ofthe value.
                • Type: integer
              • splitExternalAndLocalErrors
                • Determines whether to distinguish local origin failures from externalerrors. If set to true the following configuration parameters are takeninto account: detectors.localOriginFailures.consecutive
                • Type: boolean

      • targetRef required

        • TargetRef is a reference to the resource that represents a group ofdestinations.

        • Type: object

        • Properties

          • kind

            • Kind of the referenced resource
            • Type: string
            • The value is restricted to the following:
              1. "Mesh"
              2. "MeshSubset"
              3. "MeshGateway"
              4. "MeshService"
              5. "MeshServiceSubset"
              6. "MeshHTTPRoute"

          • mesh

            • Mesh is reserved for future use to identify cross mesh resources.
            • Type: string

          • name

            • Name of the referenced resource. Can only be used with kinds: MeshService,MeshServiceSubset and MeshGatewayRoute
            • Type: string

          • proxyTypes

            • ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy.

            • Type: array

            • Item Count: ≥ 1

              • Items
              • Type: string
              • The value is restricted to the following:
                1. "Sidecar"
                2. "Gateway"

          • tags

            • Tags used to select a subset of proxies by tags. Can only be used with kindsMeshSubset and MeshServiceSubset
            • Type: object
            • This schema accepts additional properties.
            • Properties

• targetRef required

  • TargetRef is a reference to the resource the policy takes an effect on.The resource could be either a real store object or virtual resourcedefined in place.

  • Type: object

  • Properties

    • kind

      • Kind of the referenced resource
      • Type: string
      • The value is restricted to the following:
        1. "Mesh"
        2. "MeshSubset"
        3. "MeshGateway"
        4. "MeshService"
        5. "MeshServiceSubset"
        6. "MeshHTTPRoute"

    • mesh

      • Mesh is reserved for future use to identify cross mesh resources.
      • Type: string

    • name

      • Name of the referenced resource. Can only be used with kinds: MeshService,MeshServiceSubset and MeshGatewayRoute
      • Type: string

    • proxyTypes

      • ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy.

      • Type: array

      • Item Count: ≥ 1

        • Items
        • Type: string
        • The value is restricted to the following:
          1. "Sidecar"
          2. "Gateway"

    • tags

      • Tags used to select a subset of proxies by tags. Can only be used with kindsMeshSubset and MeshServiceSubset
      • Type: object
      • This schema accepts additional properties.
      • Properties

• to

  • To list makes a match between the consumed services and correspondingconfigurations

  • Type: array

    • Items

    • Type: object

    • Properties

      • default

        • Default is a configuration specific to the group of destinationsreferenced in 'targetRef'
        • Type: object
        • Properties
          • connectionLimits
            • ConnectionLimits contains configuration of each circuit breaking limit,which when exceeded makes the circuit breaker to become open (no trafficis allowed like no current is allowed in the circuits when physicalcircuit breaker ir open)
            • Type: object
            • Properties
              • maxConnectionPools
                • The maximum number of connection pools per cluster that are concurrentlysupported at once. Set this for clusters which create a large number ofconnection pools.
                • Type: integer
              • maxConnections
                • The maximum number of connections allowed to be made to the upstreamcluster.
                • Type: integer
              • maxPendingRequests
                • The maximum number of pending requests that are allowed to the upstreamcluster. This limit is applied as a connection limit for non-HTTPtraffic.
                • Type: integer
              • maxRequests
                • The maximum number of parallel requests that are allowed to be madeto the upstream cluster. This limit does not apply to non-HTTP traffic.
                • Type: integer
              • maxRetries
                • The maximum number of parallel retries that will be allowed tothe upstream cluster.
                • Type: integer
          • outlierDetection
            • OutlierDetection contains the configuration of the process of dynamicallydetermining whether some number of hosts in an upstream cluster areperforming unlike the others and removing them from the healthy loadbalancing set. Performance might be along different axes such asconsecutive failures, temporal success rate, temporal latency, etc.Outlier detection is a form of passive health checking.
            • Type: object
            • Properties
              • baseEjectionTime
                • The base time that a host is ejected for. The real time is equal tothe base time multiplied by the number of times the host has beenejected.
                • Type: string
              • detectors
                • Contains configuration for supported outlier detectors
                • Type: object
                • Properties
                  • failurePercentage
                    • Failure Percentage based outlier detection functions similarly to successrate detection, in that it relies on success rate data from each host ina cluster. However, rather than compare those values to the mean successrate of the cluster as a whole, they are compared to a flatuser-configured threshold. This threshold is configured via theoutlierDetection.failurePercentageThreshold field.The other configuration fields for failure percentage based detection aresimilar to the fields for success rate detection. As with success ratedetection, detection will not be performed for a host if its requestvolume over the aggregation interval is less than theoutlierDetection.detectors.failurePercentage.requestVolume value.Detection also will not be performed for a cluster if the number of hostswith the minimum required request volume in an interval is less than theoutlierDetection.detectors.failurePercentage.minimumHosts value.
                    • Type: object
                    • Properties
                      • minimumHosts
                        • The minimum number of hosts in a cluster in order to perform failurepercentage-based ejection. If the total number of hosts in the cluster isless than this value, failure percentage-based ejection will not beperformed.
                        • Type: integer
                      • requestVolume
                        • The minimum number of total requests that must be collected in oneinterval (as defined by the interval duration above) to perform failurepercentage-based ejection for this host. If the volume is lower than thissetting, failure percentage-based ejection will not be performed for thishost.
                        • Type: integer
                      • threshold
                        • The failure percentage to use when determining failure percentage-basedoutlier detection. If the failure percentage of a given host is greaterthan or equal to this value, it will be ejected.
                        • Type: integer
                  • gatewayFailures
                    • In the default mode (outlierDetection.splitExternalLocalOriginErrors isfalse) this detection type takes into account a subset of 5xx errors,called "gateway errors" (502, 503 or 504 status code) and local originfailures, such as timeout, TCP reset etc.In split mode (outlierDetection.splitExternalLocalOriginErrors is true)this detection type takes into account a subset of 5xx errors, called"gateway errors" (502, 503 or 504 status code) and is supported only bythe http router.
                    • Type: object
                    • Properties
                      • consecutive
                        • The number of consecutive gateway failures (502, 503, 504 status codes)before a consecutive gateway failure ejection occurs.
                        • Type: integer
                  • localOriginFailures
                    • This detection type is enabled only whenoutlierDetection.splitExternalLocalOriginErrors is true and takes intoaccount only locally originated errors (timeout, reset, etc).If Envoy repeatedly cannot connect to an upstream host or communicationwith the upstream host is repeatedly interrupted, it will be ejected.Various locally originated problems are detected: timeout, TCP reset,ICMP errors, etc. This detection type is supported by http router andtcp proxy.
                    • Type: object
                    • Properties
                      • consecutive
                        • The number of consecutive locally originated failures before ejectionoccurs. Parameter takes effect only when splitExternalAndLocalErrorsis set to true.
                        • Type: integer
                  • successRate
                    • Success Rate based outlier detection aggregates success rate data fromevery host in a cluster. Then at given intervals ejects hosts based onstatistical outlier detection. Success Rate outlier detection will not becalculated for a host if its request volume over the aggregation intervalis less than the outlierDetection.detectors.successRate.requestVolumevalue.Moreover, detection will not be performed for a cluster if the number ofhosts with the minimum required request volume in an interval is lessthan the outlierDetection.detectors.successRate.minimumHosts value.In the default configuration mode(outlierDetection.splitExternalLocalOriginErrors is false) this detectiontype takes into account all types of errors: locally and externallyoriginated.In split mode (outlierDetection.splitExternalLocalOriginErrors is true),locally originated errors and externally originated (transaction) errorsare counted and treated separately.
                    • Type: object
                    • Properties
                      • minimumHosts
                        • The number of hosts in a cluster that must have enough request volume todetect success rate outliers. If the number of hosts is less than thissetting, outlier detection via success rate statistics is not performedfor any host in the cluster.
                        • Type: integer
                      • requestVolume
                        • The minimum number of total requests that must be collected in oneinterval (as defined by the interval duration configured inoutlierDetection section) to include this host in success rate basedoutlier detection. If the volume is lower than this setting, outlierdetection via success rate statistics is not performed for that host.
                        • Type: integer
                      • standardDeviationFactor
                        • *This factor is used to determine the ejection threshold for success rateoutlier ejection. The ejection threshold is the difference betweenthe mean success rate, and the product of this factor and the standarddeviation of the mean success rate: mean - (standarddeviation *successratestandarddeviation_factor).Either int or decimal represented as string.*
                  • totalFailures
                    • In the default mode (outlierDetection.splitExternalAndLocalErrors isfalse) this detection type takes into account all generated errors:locally originated and externally originated (transaction) errors.In split mode (outlierDetection.splitExternalLocalOriginErrors is true)this detection type takes into account only externally originated(transaction) errors, ignoring locally originated errors.If an upstream host is an HTTP-server, only 5xx types of error are takeninto account (see Consecutive Gateway Failure for exceptions).Properly formatted responses, even when they carry an operational error(like index not found, access denied) are not taken into account.
                    • Type: object
                    • Properties
                      • consecutive
                        • The number of consecutive server-side error responses (for HTTP traffic,5xx responses; for TCP traffic, connection failures; for Redis, failureto respond PONG; etc.) before a consecutive total failure ejectionoccurs.
                        • Type: integer
              • disabled
                • When set to true, outlierDetection configuration won't take any effect
                • Type: boolean
              • interval
                • The time interval between ejection analysis sweeps. This can result inboth new ejections and hosts being returned to service.
                • Type: string
              • maxEjectionPercent
                • The maximum % of an upstream cluster that can be ejected due to outlierdetection. Defaults to 10% but will eject at least one host regardless ofthe value.
                • Type: integer
              • splitExternalAndLocalErrors
                • Determines whether to distinguish local origin failures from externalerrors. If set to true the following configuration parameters are takeninto account: detectors.localOriginFailures.consecutive
                • Type: boolean

      • targetRef required

        • TargetRef is a reference to the resource that represents a group ofdestinations.

        • Type: object

        • Properties

          • kind

            • Kind of the referenced resource
            • Type: string
            • The value is restricted to the following:
              1. "Mesh"
              2. "MeshSubset"
              3. "MeshGateway"
              4. "MeshService"
              5. "MeshServiceSubset"
              6. "MeshHTTPRoute"

          • mesh

            • Mesh is reserved for future use to identify cross mesh resources.
            • Type: string

          • name

            • Name of the referenced resource. Can only be used with kinds: MeshService,MeshServiceSubset and MeshGatewayRoute
            • Type: string

          • proxyTypes

            • ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy.

            • Type: array

            • Item Count: ≥ 1

              • Items
              • Type: string
              • The value is restricted to the following:
                1. "Sidecar"
                2. "Gateway"

          • tags

            • Tags used to select a subset of proxies by tags. Can only be used with kindsMeshSubset and MeshServiceSubset
            • Type: object
            • This schema accepts additional properties.
            • Properties

Generated with json-schema-md-doc Fri May 09 2025 15:44:03 GMT+0000 (Coordinated Universal Time)