xDS API endpoints

    Below we describe endpoints for the v2 and v3 transport API versions.

    /envoy.api.v2.ClusterDiscoveryService/StreamClusters

    POST /envoy.service.cluster.v3.ClusterDiscoveryService/StreamClusters

    See cds.proto for the service definition. This is used by Envoy as a client when

    is set in the of the Bootstrap config.

    POST /envoy.api.v2.EndpointDiscoveryService/StreamEndpoints

    POST /envoy.service.endpoint.v3.EndpointDiscoveryService/StreamEndpoints

    See for the service definition. This is used by Envoy as a client when

    1. eds_config:
    2.   api_config_source:
    3.     api_type: GRPC
    4.     transport_api_version: <V2|V3>
    5.     grpc_services:
    6.       envoy_grpc:
    7.         cluster_name: some_xds_cluster

    is set in the eds_cluster_config field of the config.

    POST /envoy.api.v2.ListenerDiscoveryService/StreamListeners

    POST /envoy.service.listener.v3.ListenerDiscoveryService/StreamListeners

    See lds.proto for the service definition. This is used by Envoy as a client when

    1. lds_config:
    2.   api_config_source:
    3.     api_type: GRPC
    4.     transport_api_version: <V2|V3>
    5.     grpc_services:
    6.       envoy_grpc:
    7.         cluster_name: some_xds_cluster

    is set in the of the Bootstrap config.

    POST /envoy.api.v2.RouteDiscoveryService/StreamRoutes

    POST /envoy.service.route.v3.RouteDiscoveryService/StreamRoutes

    See for the service definition. This is used by Envoy as a client when

    1. route_config_name: some_route_name
    2. config_source:
    3.   api_config_source:
    4.     transport_api_version: <V2|V3>
    5.     grpc_services:
    7.         cluster_name: some_xds_cluster

    is set in the rds field of the config.

    POST /envoy.api.v2.ScopedRoutesDiscoveryService/StreamScopedRoutes

    POST /envoy.service.route.v3.ScopedRoutesDiscoveryService/StreamScopedRoutes

    is set in the scoped_routes field of the config.

    POST /envoy.service.discovery.v2.SecretDiscoveryService/StreamSecrets

    POST /envoy.service.secret.v3.SecretDiscoveryService/StreamSecrets

    See sds.proto for the service definition. This is used by Envoy as a client when

    1. name: some_secret_name
    2. config_source:
    3.   api_config_source:
    4.     api_type: GRPC
    5.     transport_api_version: <V2|V3>
    6.     grpc_services:
    7.       envoy_grpc:
    8.         cluster_name: some_xds_cluster

    is set inside a message. This message is used in various places such as the CommonTlsContext.

    POST /envoy.service.discovery.v2.RuntimeDiscoveryService/StreamRuntime

    POST /envoy.service.runtime.v3.RuntimeDiscoveryService/StreamRuntime

    See for the service definition. This is used by Envoy as a client when

    1. name: some_runtime_layer_name
    2. config_source:
    3.   api_config_source:
    4.     api_type: GRPC
    5.     transport_api_version: <V2|V3>
    6.     grpc_services:
    7.       envoy_grpc:
    8.         cluster_name: some_xds_cluster

    is set inside the rtds_layer field.

    POST /v2/discovery:clusters

    POST /v3/discovery:clusters

    See for the service definition. This is used by Envoy as a client when

    1. cds_config:
    3.     transport_api_version: <V2|V3>
    4.     cluster_names: [some_xds_cluster]

    is set in the dynamic_resources of the config.

    POST /v2/discovery:endpoints

    POST /v3/discovery:endpoints

    See eds.proto for the service definition. This is used by Envoy as a client when

    is set in the field of the Cluster config.

    POST /v2/discovery:listeners

    POST /v3/discovery:listeners

    1. lds_config:
    2.   api_config_source:
    3.     api_type: REST
    4.     transport_api_version: <V2|V3>
    5.     cluster_names: [some_xds_cluster]

    is set in the of the Bootstrap config.

    POST /v2/discovery:routes

    POST /v3/discovery:routes

    See for the service definition. This is used by Envoy as a client when

    1. route_config_name: some_route_name
    2. config_source:
    3.   api_config_source:
    4.     api_type: REST
    5.     transport_api_version: <V2|V3>
    6.     cluster_names: [some_xds_cluster]

    is set in the rds field of the config.

    Note

    The management server responding to these endpoints must respond with a DiscoveryResponse along with a HTTP status of 200. Additionally, if the configuration that would be supplied has not changed (as indicated by the version supplied by the Envoy client) then the management server can respond with an empty body and a HTTP status of 304.

    While Envoy fundamentally employs an eventual consistency model, ADS provides an opportunity to sequence API update pushes and ensure affinity of a single management server for an Envoy node for API updates. ADS allows one or more APIs and their resources to be delivered on a single, bidirectional gRPC stream by the management server. Without this, some APIs such as RDS and EDS may require the management of multiple streams and connections to distinct management servers.

    ADS will allow for hitless updates of configuration by appropriate sequencing. For example, suppose foo.com was mapped to cluster X. We wish to change the mapping in the route table to point foo.com at cluster Y. In order to do this, a CDS/EDS update must first be delivered containing both clusters X and Y.

    Without ADS, the CDS/EDS/RDS streams may point at distinct management servers, or when on the same management server at distinct gRPC streams/connections that require coordination. The EDS resource requests may be split across two distinct streams, one for X and one for Y. ADS allows these to be coalesced to a single stream to a single management server, avoiding the need for distributed synchronization to correctly sequence the update. With ADS, the management server would deliver the CDS, EDS and then RDS updates on a single stream.

    ADS is only available for gRPC streaming (not REST) and is described more fully in document. The gRPC endpoint is:

    POST /envoy.service.discovery.v2.AggregatedDiscoveryService/StreamAggregatedResources

    POST /envoy.service.discovery.v3.AggregatedDiscoveryService/StreamAggregatedResources

    See discovery.proto for the service definition. This is used by Envoy as a client when

    1. ads_config:
    2.   api_type: GRPC
    3.   transport_api_version: <V2|V3>
    4.   grpc_services:
    5.     envoy_grpc:
    6.       cluster_name: some_ads_cluster

    is set in the of the Bootstrap config.

    When this is set, any of the configuration sources can be set to use the ADS channel. For example, a LDS config could be changed from

    to

    with the effect that the LDS stream will be directed to some_ads_cluster over the shared ADS channel.

    The REST, filesystem, and original gRPC xDS implementations all deliver “state of the world” updates: every CDS update must contain every cluster, with the absence of a cluster from an update implying that the cluster is gone. For Envoy deployments with huge amounts of resources and even a trickle of churn, these state-of-the-world updates can be cumbersome.

    To use delta, simply set the api_type field of your ApiConfigSource proto(s) to DELTA_GRPC. That works for both xDS and ADS; for ADS, it’s the api_type field of , as described in the previous section.