The name assigned to the route for debugging purposes.

Match conditions to be satisfied for the rule to be activated. All conditions inside a single match block have AND semantic.

A Route rule can forward (default) traffic. The forwarding target can be one of several versions of a service (see glossary in beginning of document). Weights associated with the service version determine the proportion of traffic it receives.

Specifies a list of key-value pairs that should be mutated for each request. How to interpret the key-value pairs depends on the codec implementation

Specifies a list of key-value pairs that should be mutated for each response. How to interpret the key-value pairs depends on the codec implementation

Key name.

alue.

If the value is empty and only the name of attribute is specified, presence of the attribute is checked.

Destination uniquely identifies the instances of a service to which the request/connection should be forwarded to.

The proportion of traffic to be forwarded to the service version. (0-100). Sum of weights across destinations SHOULD BE == 100. If there is only one destination in a rule, the weight value is assumed to be 100.

The name of a service from the service registry. Service names are looked up from the platform’s service registry (e.g., Kubernetes services, Consul services, etc.) and from the hosts declared by ServiceEntry. Traffic forwarded to destinations that are not found in either of the two, will be dropped.

Note for Kubernetes users: When short names are used (e.g. “reviews” instead of “reviews.default.svc.cluster.local”), Istio will interpret the short name based on the namespace of the rule, not the service. A rule in the “default” namespace containing a host “reviews will be interpreted as “reviews.default.svc.cluster.local”, irrespective of the actual namespace associated with the reviews service. To avoid potential misconfiguration, it is recommended to always use fully qualified domain names over short names.

The name of a subset within the service. Applicable only to services within the mesh. The subset must be defined in a corresponding DestinationRule.

Specifies the port on the host that is being addressed. If a service exposes only a single port it is not required to explicitly select the port.

Valid port number

The default token bucket configuration to use for rate limiting requests that are processed by this filter. Local rate limiter will first check the conditions, if a specific condition matches, then the token bucket within that condition will be applied to the incoming request. All the other requests that don’t match the conditions will be rate limited by the default token bucket. If the default token bucket is not specified, then the requests that don’t match the conditions will not be rate limited. At least one of token_bucket or conditions should have value.

The more specific rate limit conditions, the first match will be used.

The maximum tokens that the bucket can hold. This is also the number of tokens that the bucket initially contains. The value must be greater than 1.

The number of tokens added to the bucket during each fill interval. The value must be greater than 1. If not specified, defaults to a single token.

The fill interval that tokens are added to the bucket. During each fill interval tokens_per_fill are added to the bucket. The bucket will never contain more than max_tokens tokens.

Match conditions to be satisfied for the rate limit rule to be activated. All conditions inside a single match block have AND semantic. If the match is not specified, then all the incoming requests will be considered matched.

The token bucket for this particular condition

The property extracted from the requests

The corresponding descriptor key in the rate limit server configuration