Mixer provides three core features:
Precondition Checking. Enables callers to verify a number of preconditions before responding to an incoming request from a service consumer. Preconditions can include whether the service consumer is properly authenticated, is on the service’s whitelist, passes ACL checks, and more.
Quota Management. Enables services to allocate and free quota on a number of dimensions, Quotas are used as a relatively simple resource management tool to provide some fairness between service consumers when contending for limited resources. Rate limits are examples of quotas.
Telemetry Reporting. Enables services to report logging and monitoring. In the future, it will also enable tracing and billing streams intended for both the service operator as well as for service consumers.
rpc Check(CheckRequest) returns (CheckResponse)
Checks preconditions and allocate quota before performing an operation. The preconditions enforced depend on the set of supplied attributes and the active configuration.
rpc Report(ReportRequest) returns (ReportResponse)
Reports telemetry, such as logs and metrics. The reported information depends on the set of supplied attributes and the active configuration.
Attributes represents a set of typed name/value pairs. Many of Mixer’s API either consume and/or return attributes.
Istio uses attributes to control the runtime behavior of services running in the service mesh. Attributes are named and typed pieces of metadata describing ingress and egress traffic and the environment this traffic occurs in. An Istio attribute carries a specific piece of information such as the error code of an API request, the latency of an API request, or the original IP address of a TCP connection. For example:
request.path: xyz/abc
request.size: 234
request.time: 12:34:56.789 04/17/2017
source.ip: 192.168.0.1
target.service: example
A given Istio deployment has a fixed vocabulary of attributes that it understands. The specific vocabulary is determined by the set of attribute producers being used in the deployment. The primary attribute producer in Istio is Envoy, although specialized Mixer adapters and services can also generate attributes.
The common baseline set of attributes available in most Istio deployments is defined here.
Attributes are strongly typed. The supported attribute types are defined by ValueType. Each type of value is encoded into one of the so-called transport types present in this message.
Within this message, strings are referenced using integer indices into one of two string dictionaries. Positive integers index into the global deployment-wide dictionary, whereas negative integers index into the message-level dictionary instead. The message-level dictionary is carried by the words field of this message, the deployment-wide dictionary is determined via configuration.
| Field | Type | Description |
|---|---|---|
words[] | repeated string | The message-level dictionary. |
strings | repeated map<sint32, sint32> | Attribute payload. All sint32 values represent indices into one of the word dictionaries. Positive values are indices into the global deployment-wide dictionary, negative values are indices into the message-level dictionary. |
int64s | repeated map<sint32, int64> | |
doubles | repeated map<sint32, double> | |
bools | repeated map<sint32, bool> | |
timestamps | repeated map<sint32, Timestamp> | |
durations | repeated map<sint32, Duration> | |
bytes | repeated map<sint32, bytes> | |
stringMaps | repeated map<sint32, StringMap> |
Used to get a thumbs-up/thumbs-down before performing an action.
| Field | Type | Description |
|---|---|---|
attributes | Attributes | The attributes to use for this request. Mixer's configuration determines how these attributes are used to establish the result returned in the response. |
globalWordCount | uint32 | The number of words in the global dictionary, used with to populate the attributes. This value is used as a quick way to determine whether the client is using a dictionary that the server understands. |
deduplicationId | string | Used for deduplicating Check calls in the case of failed RPCs and retries. This should be a UUID per call, where the same UUID is used for retries of the same call. |
quotas | repeated map<string, QuotaParams> | The individual quotas to allocate |
parameters for a quota allocation
| Field | Type | Description |
|---|---|---|
amount | int64 | Amount of quota to allocate |
bestEffort | bool | When true, supports returning less quota than what was requested. |
| Field | Type | Description |
|---|---|---|
precondition | PreconditionResult | The precondition check results. |
quotas | repeated map<string, QuotaResult> | The resulting quota, one entry per requested quota. |
| Field | Type | Description |
|---|---|---|
status | Status | A status code of OK indicates all preconditions were satisfied. Any other code indicates not all preconditions were satisfied and details describe why. |
validDuration | Duration | The amount of time for which this result can be considered valid. |
validUseCount | int32 | The number of uses for which this result can be considered valid. |
attributes | Attributes | The attributes returned by Mixer. The exact set of attributes returned is determined by the set of adapters Mixer is configured with. These attributes are used to ferry new attributes that Mixer derived based on the input set of attributes and its configuration. |
referencedAttributes | ReferencedAttributes | The total set of attributes that were used in producing the result along with matching conditions. |
| Field | Type | Description |
|---|---|---|
validDuration | Duration | The amount of time for which this result can be considered valid. |
grantedAmount | int64 | The amount of granted quota. When QuotaParams.bestEffort is true, this will be >= 0. If QuotaParams.bestEffort is false, this will be either 0 or >= QuotaParams.amount. |
referencedAttributes | ReferencedAttributes | The total set of attributes that were used in producing the result along with matching conditions. |
Describes the attributes that were used to determine the response. This can be used to construct a response cache.
| Field | Type | Description |
|---|---|---|
words[] | repeated string | The message-level dictionary. Refer to Attributes for information on using dictionaries. |
attributeMatches[] | repeated AttributeMatch | Describes a set of attributes. |
| Field | Type | Description |
|---|---|---|
name | sint32 | The name of the attribute. This is a dictionary index encoded in a manner identical to all strings in the Attributes message. |
condition | Condition | The kind of match against the attribute value. |
regex | string | The matching regex in the case of condition = REGEX |
How an attribute’s value was matched
Used to report telemetry after performing one or more actions.
| Field | Type | Description |
|---|---|---|
attributes[] | repeated Attributes | The attributes to use for this request. Each Although each If a client is not sophisticated and doesn't want to use delta-encoding, a degenerate case is to include all attributes in every individual message. |
defaultWords[] | repeated string | The default message-level dictionary for all the attributes. Individual attribute messages can have their own dictionaries, but if they don't then this set of words, if it is provided, is used instead. This makes it possible to share the same dictionary for all attributes in this request, which can substantially reduce the overall request size. |
globalWordCount | uint32 | The number of words in the global dictionary. To detect global dictionary out of sync between client and server. |
NOTE: _No fields in this message type.__
A map of string to string. The keys and values in this map are dictionary indices (see the Attributes message for an explanation)
| Field | Type | Description |
|---|---|---|
entries | repeated map<sint32, sint32> |