service

package
v0.0.0-...-4234fb6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 23, 2023 License: MIT Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewNginxIngressReconciler

func NewNginxIngressReconciler(manager ctrl.Manager, ingConfig *manifests.NginxIngressConfig) error

Types

type NginxIngressReconciler

type NginxIngressReconciler struct {
	// contains filtered or unexported fields
}

NginxIngressReconciler manages an opinionated ingress resource for services that define certain annotations. The resulting ingress uses Keyvault for TLS, never exposes insecure (plain http) routes, and uses OSM for upstream mTLS. If those integrations aren't enabled, it won't work correctly.

Annotations: - kubernetes.azure.com/ingress-host: host of the ingress resource - kubernetes.azure.com/tls-cert-keyvault-uri: URI of the Keyvault certificate to present - kubernetes.azure.com/service-account-name: name of the service account used by upstream pods (defaults to "default") - kubernetes.azure.com/insecure-disable-osm: don't use OSM integration. Connections between ingreses controller and app will be insecure.

This functionality allows easy adoption of good ingress practices while providing an exit strategy. Users can remove the annotations and take ownership of the generated resources at any time.

func (*NginxIngressReconciler) Reconcile

func (i *NginxIngressReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL