Reverse Tunnel Reporting Service (proto)

extensions.reverse_tunnel_reporters.v3alpha.clients.grpc_client.StreamReverseTunnelsRequest

[extensions.reverse_tunnel_reporters.v3alpha.clients.grpc_client.StreamReverseTunnelsRequest proto]

Request message sent by Envoy to report reverse tunnel state changes.

{
  "node": {...},
  "added_tunnels": [],
  "removed_tunnel_names": [],
  "full_push": ...,
  "nonce": ...
}

node: (config.core.v3.Node, REQUIRED) Node identifier for the reporting Envoy instance. This identifies which Envoy instance is sending the report.

added_tunnels: (repeated extensions.reverse_tunnel_reporters.v3alpha.clients.grpc_client.ReverseTunnel) List of reverse tunnels that were established since the last report. Each tunnel represents a new connection from a downstream Envoy.

removed_tunnel_names: (repeated string) List of tunnel names that were disconnected since the last report. Only the tunnel name is needed for removal notifications.

full_push: (bool) Indicates whether this report contains all active tunnels (true) or only changes since the last report (false). Usually invoked only on server disconnects.

nonce: (int64) Unique nonce for this request to enable proper ACK/NACK handling. Must be non-negative and should increment for each request. This can also be modified to be used for checksum and tracking in the future.

extensions.reverse_tunnel_reporters.v3alpha.clients.grpc_client.StreamReverseTunnelsResponse

[extensions.reverse_tunnel_reporters.v3alpha.clients.grpc_client.StreamReverseTunnelsResponse proto]

Response message sent by the management server to control reporting behavior.

{
  "node_id": ...,
  "report_interval": {...},
  "request_nonce": ...,
  "error_detail": {...}
}

node_id: (string) Node identifier acknowledging which Envoy instance this response is for. Should match the node from the corresponding request.

report_interval: (Duration) Interval at which Envoy should send tunnel state reports. This is used to change the reporting_interval -> no need to repeat the same value.

request_nonce: (int64) Nonce from the request being acknowledged or rejected. Must match the nonce from the corresponding request.

error_detail: (Status) Error details if the previous request failed processing. If populated, indicates the request was rejected (NACK). If empty, indicates successful processing (ACK). NACK will terminate the connection -> useful for logging rather than just some disconnect. So basically -> NACK then terminate.

extensions.reverse_tunnel_reporters.v3alpha.clients.grpc_client.ReverseTunnel

[extensions.reverse_tunnel_reporters.v3alpha.clients.grpc_client.ReverseTunnel proto]

Represents a single reverse tunnel connection with its metadata.

{
  "name": ...,
  "identity": {...},
  "created_at": {...}
}

name: (string, REQUIRED) Unique name to identify this tunnel connection. Must be unique within the reporting Envoy instance. This is also used for the reporting the disconnection with the associated tunnel initiator.

identity: (extensions.reverse_tunnel_reporters.v3alpha.clients.grpc_client.TunnelInitiatorIdentity, REQUIRED) Identity information of the tunnel initiator (downstream Envoy). Contains node_id, cluster_id, and tenant_id for proper identification.

created_at: (Timestamp) Timestamp when this tunnel connection was created. Used for ordering events and debugging connection timing issues.

extensions.reverse_tunnel_reporters.v3alpha.clients.grpc_client.TunnelInitiatorIdentity

[extensions.reverse_tunnel_reporters.v3alpha.clients.grpc_client.TunnelInitiatorIdentity proto]

{
  "tenant_id": ...,
  "cluster_id": ...,
  "node_id": ...
}

tenant_id: (string, REQUIRED) Required: Tenant identifier of the initiating Envoy instance.

cluster_id: (string, REQUIRED) Required: Cluster identifier of the initiating Envoy instance.

node_id: (string, REQUIRED) Required: Node identifier of the initiating Envoy instance.