DescribeNamespaceScopeSidecarConfig - Alibaba Cloud Service Mesh

Queries the configurations of sidecar proxies at the namespace level.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

Parameter	Type	Required	Description	Example
ServiceMeshId	string	Yes	The ID of the ASM instance.	c7120e75a202d4fd8acb028a86b6a****
Namespace	string	No	The namespace.	default

Response parameters

Parameter	Type	Description	Example
	object	The response parameters.
RequestId	string	The request ID.	31d3a0f0-07ed-4f6e-9004-1804498c****
ConfigPatches	object	The namespace-level sidecar proxy configurations.
TerminationDrainDuration	string	The maximum period of time allowed for connections to complete on sidecar proxy shutdown.	6s
SidecarProxyInitResourceLimit	object	The maximum size of resources that are available to the istio-init container in the pod into which the sidecar proxy is injected. The istio-init container is used in this topic.
ResourceCPULimit	string	The maximum number of CPU cores.	2000 m
ResourceMemoryLimit	string	The maximum size of the memory.	50 Mi
SidecarProxyInitResourceRequest	object	The minimum size of resources that are required by the istio-init container.
ResourceCPURequest	string	The minimum number of CPU cores.	60 m
ResourceMemoryRequest	string	The minimum size of the memory.	30 Mi
SidecarProxyResourceLimit	object	The maximum size of resources that are available to the sidecar proxy container.
ResourceCPULimit	string	The maximum number of CPU cores.	2000 m
ResourceMemoryLimit	string	The maximum size of the memory.	50 Mi
SidecarProxyResourceRequest	object	The minimum size of resources that are required by the sidecar proxy container.
ResourceCPURequest	string	The minimum number of CPU cores.	60 m
ResourceMemoryRequest	string	The minimum size of the memory.	30 Mi
ExcludeOutboundPorts	string	The outbound ports to be excluded from redirection to the sidecar proxy in the ASM instance.	81
ExcludeOutboundIPRanges	string	The outbound IP ranges in CIDR form to be excluded from redirection to the sidecar proxy in the ASM instance.	192.168.1.3/31
IncludeOutboundIPRanges	string	The outbound IP ranges in CIDR form for which traffic is to be redirected to the sidecar proxy in the ASM instance.	192.168.1.4/31
ExcludeInboundPorts	string	The inbound ports to be excluded from redirection to the sidecar proxy in the ASM instance.	82
IncludeInboundPorts	string	The inbound ports for which traffic is to be redirected to the sidecar proxy in the ASM instance.	83
IncludeOutboundPorts	string	The outbound ports for which traffic is to be redirected to the sidecar proxy in the ASM instance.	84
IstioDNSProxyEnabled	boolean	Indicates whether the Domain Name System (DNS) proxy feature is enabled. Valid values: `true` `false`	true
LifecycleStr	string	The JSON string that describes the lifecycle of the sidecar proxy.	{"postStart":{"exec":{"command":["pilot-agent","wait"]}},"preStop":{"exec":{"command":["/bin/sh","-c","sleep 15"]}}}
Concurrency	integer	The number of worker threads to run in the istio-proxy container.	2
LogLevel	string	The log level. Valid values: `info`, `debug`, `trace`, and `error`.	info
HoldApplicationUntilProxyStarts	boolean	Indicates whether applications can be started only after the istio-proxy container starts. Valid values: `true`: Applications can be started only after the istio-proxy container starts. `false`: Applications can be started before the istio-proxy container starts.	true
ProxyStatsMatcher	object	The custom Envoy statistics that are reported by the sidecar proxy.
InclusionPrefixes	array	The prefixes of the custom Envoy statistics that are reported by the sidecar proxy.
	string	The prefix of the custom Envoy statistics that are reported by the sidecar proxy.	server
InclusionSuffixes	array	The suffixes of the custom Envoy statistics that are reported by the sidecar proxy.
	string	The suffix of the custom Envoy statistics that are reported by the sidecar proxy.	cluster.outbound
InclusionRegexps	array	The regular expressions for specifying the custom Envoy statistics that are reported by the sidecar proxy.
	string	The regular expression for specifying the custom Envoy statistics that are reported by the sidecar proxy.	listener.*.downstream_cx_total
Tracing	object	The custom configurations of Tracing Analysis.
Sampling	double	The sampling rate.	99.8
CustomTags	object	The custom tags added to reported spans. The key of a tag is of the string type. The value of a tag is in the JSON format. A custom tag can belong to one of the following types: `literal`: The tag value is a fixed value in the JSON format. This tag must contain the `value` field that specifies a literal. Example: `{"value":"test"}`. `header`: The tag value is a request header in the JSON format. This tag must contain the `name` field and the `defaultValue` field. The name field indicates the name of the request header. The defaultValue field indicates the default value that is used when no request header is available. Example: `{"name":"test","defaultValue":"test"}`. `environment`: The tag value is an environment variable in the JSON format. This tag must contain the `name` field and the `defaultValue` field. The name field indicates the name of the environment variable. The defaultValue field indicates the environment variable that is used when no environment variable is available. Example: `{"name":"test","defaultValue":"test"}`.	{"test":{"literal":{"value":"test"}}}
MaxPathTagLength	integer	The maximum tag length.	10
InterceptionMode	string	The mode in which the sidecar proxy intercepts inbound traffic. Valid values: `REDIRECT` (default): In this mode, source IP addresses are lost during traffic redirection to the sidecar proxy. `TPROXY`: In this mode, both the source and destination IP addresses and ports are preserved.	TPROXY
SidecarProxyInitAckSloResource	object	The reclaimed Container Service for Kubernetes (ACK) resources for the istio-init container. This configuration item indicates the resources of the istio-init container in a pod labeled with `koordinator.sh/qosClass`. Reclaimed ACK resources are resources that can be dynamically overcommitted.
Requests	object	The minimum size of reclaimed ACK resources that the istio-init container needs to use at runtime. This configuration item indicates the minimum size of reclaimed ACK resources for the istio-init container in a pod labeled with `koordinator.sh/qosClass`. The object can contain the following two types of keys, which indicate two types of resources: `kubernetes.io/batch-cpu`: CPU resources that can be dynamically overcommitted. Unit: millicore. `kubernetes.io/batch-memory`: memory resources that can be dynamically overcommitted.
	string		128Mi
Limits	object	The maximum size of reclaimed ACK resources that are available to the istio-init container. This configuration item indicates the maximum size of resources that are available to the istio-init container in a pod labeled with `koordinator.sh/qosClass`. The object can contain the following two types of keys, which indicate two types of resources: `kubernetes.io/batch-cpu`: CPU resources that can be dynamically overcommitted. Unit: millicore. `kubernetes.io/batch-memory`: memory resources that can be dynamically overcommitted.
	string		2048Mi
SidecarProxyAckSloResource	object	The maximum size of reclaimed ACK resources that are available to the sidecar proxy container. This configuration item indicates the maximum size of resources that are available to the sidecar proxy container in a pod labeled with `koordinator.sh/qosClass`.
Requests	object	The minimum size of reclaimed ACK resources that the sidecar proxy container needs to use at runtime. This configuration item indicates the minimum size of reclaimed ACK resources for the sidecar proxy container in a pod labeled with `koordinator.sh/qosClass`. The object can contain the following two types of keys, which indicate two types of resources: `kubernetes.io/batch-cpu`: CPU resources that can be dynamically overcommitted. Unit: millicore. `kubernetes.io/batch-memory`: memory resources that can be dynamically overcommitted.
	string		128Mi
Limits	object	The maximum size of reclaimed ACK resources that are available to the sidecar proxy container. This configuration item indicates the maximum size of resources that are available to the sidecar proxy container in a pod labeled with `koordinator.sh/qosClass`. The object can contain the following two types of keys, which indicate two types of resources: `kubernetes.io/batch-cpu`: CPU resources that can be dynamically overcommitted. Unit: millicore. `kubernetes.io/batch-memory`: memory resources that can be dynamically overcommitted.
	string		2048Mi
Privileged	boolean	Indicates whether the privileged mode is enabled in the security context of the sidecar proxy containers. Valid values: `true`: The privileged mode is enabled, that is, the sidecar proxy containers run in privileged mode. `false`: The privileged mode is not enabled.	false
EnableCoreDump	boolean	Indicates whether the core dump feature is enabled for the sidecar proxy containers. Valid values: `true` `false`	false
ReadinessInitialDelaySeconds	integer	The amount of time to wait before the first readiness check of a sidecar proxy container is performed. Unit: seconds.	2
ReadinessPeriodSeconds	integer	The interval between two readiness checks of a sidecar proxy container. Unit: seconds.	3
ReadinessFailureThreshold	integer	The number of readiness check failures required before marking a sidecar proxy container as not ready.	5

Examples

Sample success responses

JSONformat

{
  "RequestId": "31d3a0f0-07ed-4f6e-9004-1804498c****",
  "ConfigPatches": {
    "TerminationDrainDuration": "6s",
    "SidecarProxyInitResourceLimit": {
      "ResourceCPULimit": "2000 m",
      "ResourceMemoryLimit": "50 Mi"
    },
    "SidecarProxyInitResourceRequest": {
      "ResourceCPURequest": "60 m",
      "ResourceMemoryRequest": "30 Mi"
    },
    "SidecarProxyResourceLimit": {
      "ResourceCPULimit": "2000 m",
      "ResourceMemoryLimit": "50 Mi"
    },
    "SidecarProxyResourceRequest": {
      "ResourceCPURequest": "60 m",
      "ResourceMemoryRequest": "30 Mi"
    },
    "ExcludeOutboundPorts": "81",
    "ExcludeOutboundIPRanges": "192.168.1.3/31",
    "IncludeOutboundIPRanges": "192.168.1.4/31",
    "ExcludeInboundPorts": "82",
    "IncludeInboundPorts": "83",
    "IncludeOutboundPorts": "84",
    "IstioDNSProxyEnabled": true,
    "LifecycleStr": "{\"postStart\":{\"exec\":{\"command\":[\"pilot-agent\",\"wait\"]}},\"preStop\":{\"exec\":{\"command\":[\"/bin/sh\",\"-c\",\"sleep 15\"]}}}",
    "Concurrency": 2,
    "LogLevel": "info",
    "HoldApplicationUntilProxyStarts": true,
    "ProxyStatsMatcher": {
      "InclusionPrefixes": [
        "server"
      ],
      "InclusionSuffixes": [
        "cluster.outbound"
      ],
      "InclusionRegexps": [
        "listener.*.downstream_cx_total"
      ]
    },
    "Tracing": {
      "Sampling": 99.8,
      "CustomTags": {
        "test": {
          "literal": {
            "value": "test"
          }
        }
      },
      "MaxPathTagLength": 10
    },
    "InterceptionMode": "TPROXY",
    "ProxyMetadata": {
      "key": "\"true\""
    },
    "SidecarProxyInitAckSloResource": {
      "Requests": {
        "key": "128Mi"
      },
      "Limits": {
        "key": "2048Mi"
      }
    },
    "SidecarProxyAckSloResource": {
      "Requests": {
        "key": "128Mi"
      },
      "Limits": {
        "key": "2048Mi"
      }
    },
    "Privileged": false,
    "EnableCoreDump": false,
    "ReadinessInitialDelaySeconds": 2,
    "ReadinessPeriodSeconds": 3,
    "ReadinessFailureThreshold": 5
  }
}

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change time

Summary of changes

Operation

2023-08-31

The response structure of the API has changed

see changesets

Change item	Change content
Output Parameters	The response structure of the API has changed.

2023-03-27

The response structure of the API has changed

see changesets

Change item	Change content
Output Parameters	The response structure of the API has changed.