Expand description
Contains all types received by and sent from Sōzu
Modules§
- filtered_
metrics - Nested message and enum types in
FilteredMetrics. - ip_
address - Nested message and enum types in
IpAddress. - protobuf_
endpoint - Nested message and enum types in
ProtobufEndpoint. - request
- Nested message and enum types in
Request. - response_
content - Nested message and enum types in
ResponseContent.
Structs§
- Activate
Listener - AddBackend
- add a backend
- AddCertificate
- Add a new TLS certificate to an HTTPs listener
- Aggregated
Metrics - Aggregated metrics of main process & workers
- Alpn
Protocols - Wrapper message to distinguish “absent” (preserve) from “present but empty”
(reset to default) for ALPN protocols. A bare
repeated stringcannot make this distinction in proto2 since field absence is not detectable for repeated scalars without a sentinel. - Available
Metrics - lists of available metrics in a worker, or in the main process (in which case there are no cluster metrics)
- Backend
Metrics - Bucket
- a prometheus histogram bucket
- Certificate
AndKey - Certificate
Summary - domain name and fingerprint of a certificate
- Certificates
ByAddress - Summaries of certificates for a given address
- Certificates
With Fingerprints - to reply to several certificate queries
- Cluster
- A cluster is what binds a frontend to backends with routing rules
- Cluster
Hashes - Cluster
Information - Information about a given cluster Contains types usually used in requests, because they are readily available in protobuf
- Cluster
Informations - Cluster
Metrics - the metrics of a given cluster, with several backends
- Count
Requests - Custom
Http Answers - custom HTTP answers, useful for 404, 503 pages
- Deactivate
Listener - Event
- an event produced by a worker to notify about backends status
- Filtered
Histogram - a histogram meant to be translated to prometheus
- Filtered
Metrics - A metric, in a “filtered” format, which means: sendable to outside programs.
- Filtered
Time Serie - Frontend
Filters - list the frontends, filtered by protocol and/or domain
- Hard
Stop - Header
- A single header mutation applied to a request, response, or both.
- Health
Check Config - Health
Checks List - Hsts
Config - HSTS (HTTP Strict Transport Security, RFC 6797) policy attached to
an HTTPS listener default or per-frontend. The materialised
Strict-Transport-Security: max-age=N[; includeSubDomains][; preload]header is injected on every successful HTTPS response (including proxy-generated 3xx/401/5xx default answers). Per RFC 6797 §7.2 the header MUST NOT be emitted on plaintext-HTTP responses; sozu rejects HSTS configured on an HttpListenerConfig at config-load time and gates the runtime injection oncontext.protocol == Protocol::HTTPS. - Http
Endpoint - Http
Listener Config - details of an HTTP listener
- Https
Listener Config - details of an HTTPS listener
- Initial
State - the Sōzu state, passed to a new worker. Consists in a collection of worker requests
- IpAddress
- List
Listeners - List
OfCertificates ByAddress - Used by workers to reply to some certificate queries
- List
Workers - Listed
Frontends - lists of frontends present in the state
- Listeners
Count - Addresses of listeners, passed to new workers
- Listeners
List - All listeners, listed
- Load
Balancing Params - MaxConnections
PerIp Limit 0means unlimited (the feature is disabled). Returned by workers in response toRequest.query_max_connections_per_ip.- Metric
Detail Status - Aggregated
SetMetricDetailoutcome across the fleet. Returned by the master to the requesting client (noWorkerResponsesindirection needed because the schema is symmetric per-worker). - Metric
Detail Transition - Worker-emitted cardinality-lease transition. Populates the
Event.metric_detailfield when a worker’seffectivelevel changes because a lease was applied, renewed, expired (TTL janitor), or cleared. The master folds these into the audit log alongside the operator-initiated transitions emitted frombin/src/command/requests.rs::worker_request, closing the gap where worker-local expiries previously left no audit trail. - Open
Telemetry - Path
Rule - A filter for the path of incoming requests
- Percentiles
- Protobuf
Access Log - An access log, meant to be passed to another agent
- Protobuf
Endpoint - Query
Certificates Filters - Should be either a domain name or a fingerprint. These filter do not compound, use either one but not both. If none of them is specified, all certificates will be returned.
- Query
Cluster ByDomain - Query
Clusters Hashes - Query
Health Checks - Query
MaxConnections PerIp - Query
Metrics Options - Options when querying metrics
- Remove
Backend - remove an existing backend
- Remove
Certificate - Remove
Listener - Replace
Certificate - Request
- A message received by Sōzu to change its state or query information
- Request
Counts - Request
Http Frontend - An HTTP or HTTPS frontend, as order to, or received from, Sōzu
- Request
TcpFrontend - Response
- Response to a request
- Response
Content - content of a response
- Return
Listen Sockets - Server
Config - Used by a worker to start its server loop. The defaults should match those of the config module
- Server
Metrics Config - intended to workers
- SetHealth
Check - SetMetric
Detail - Apply, renew, or release a runtime cardinality lease on the metrics drain.
- Socket
Address - matches std::net::SocketAddr in the Rust library beware that the ports are expressed with uint32 here, but they should NOT exceed uint16 value
- Soft
Stop - Status
- Subscribe
Events - TcpEndpoint
- TcpListener
Config - details of an TCP listener
- Uint128
- used to represent the 128 bits of an IPv6 address
- Update
Http Listener Config - Partial-update patch for a running HTTP listener.
Only fields that are
Somein the patch will be applied; absent fields preserve their current value on the listener. Bind-only fields (address, active) are intentionally absent — use RemoveListener + AddHttpListener to change them. - Update
Https Listener Config - Partial-update patch for a running HTTPS listener.
Only fields that are
Somein the patch will be applied; absent fields preserve their current value on the listener. Bind-only fields (tls_versions, cipher_list, cipher_suites, signature_algorithms, groups_list, certificate, certificate_chain, key, send_tls13_tickets, active) are intentionally absent — use RemoveListener + AddHttpsListener to change them. - Update
TcpListener Config - Partial-update patch for a running TCP listener.
Only fields that are
Somein the patch will be applied; absent fields preserve their current value on the listener. Bind-only fields (address, active) are intentionally absent. - Upgrade
Main - Worker
Info - Information about a worker with id, pid, runstate
- Worker
Infos - A list of worker infos
- Worker
Metric Detail Status - Per-worker outcome of a
SetMetricDetailfan-out. Reported back to the requesting client so it can decide whether the elevation actually took effect (e.g. all workers acknowledged) or whether degraded operation (some workers too old) is in play. - Worker
Metrics - All metrics of a worker: proxy and clusters Populated by Options so partial results can be sent
- Worker
Request - This is sent only from Sōzu to Sōzu
- Worker
Response - A response as sent by a worker
- Worker
Responses - a map of worker_id -> ResponseContent
Enums§
- Event
Kind - Header
Position - Where a
Headermutation applies.BOTHapplies the same edit on the request side (before backend connect) and the response side (before kawa preparation). Mirrors HAProxyhttp-request set-header/http-response set-headerparity. - Listener
Type - Load
Balancing Algorithms - Load
Metric - how sozu measures which backend is less loaded
- Metric
Detail - label-cardinality knob for the metrics drain.
Mirrors HAProxy’s
process|frontend|backend|serverextra-counters opt-in: a higher level enables more granular labels (and thus more keys), letting operators bound the StatsD keyspace explicitly. - Metrics
Configuration - options to configure metrics collection
- Path
Rule Kind - The kind of filter used for path rules
- Protobuf
Access LogFormat - Proxy
Protocol Config - Redirect
Policy - Frontend-level redirect policy. Mirrors HAProxy’s
http-request redirect|deny|authdirectives. FORWARD routes to the backend (default). PERMANENT returns 301 with aLocationheader derived fromredirect_scheme, optionalrewrite_*fields, andcluster.https_redirect_port. FOUND returns 302 — a temporary redirect (RFC 9110 §15.4.3); user agents may rewrite POST to GET on follow. PERMANENT_REDIRECT returns 308 — a permanent redirect (RFC 9110 §15.4.9); the HTTP method MUST be preserved on follow (no GET-rewrite on POST). UNAUTHORIZED returns 401 withWWW-Authenticate: Basic realm=...usingcluster.www_authenticate; suitable for blanket deny-by-default routes that still want to surface a login prompt. - Redirect
Scheme - Scheme to use when building the
Locationheader for a permanent redirect. USE_SAME preserves the request scheme (default), USE_HTTP forces<http://,> USE_HTTPS forces<https://.> - Response
Status - Rule
Position - TODO: find a proper definition for this
- RunState
- Runstate of a worker
- TlsVersion