controller

package
v3.0.0-beta-2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 9, 2024 License: Apache-2.0 Imports: 50 Imported by: 0

Documentation

Index

Constants

const (
	// DefaultCustomResourceLabel is the label selector expression used for F5 Custom Resources.
	DefaultCustomResourceLabel = "f5cr in (true)"
	// VirtualServer is an F5 Custom Resource Kind.
	VirtualServer = "VirtualServer"
	// TLSProfile is an F5 Custom Resource Kind.
	TLSProfile = "TLSProfile"
	// IngressLink is a Custom Resource used by both F5 and Nginx.
	IngressLink = "IngressLink"
	// TransportServer is an F5 Custom Resource Kind.
	TransportServer = "TransportServer"
	// ExternalDNS is an F5 Custom Resource Kind.
	ExternalDNS = "ExternalDNS"
	// CustomPolicy is a collection of BIG-IP profiles, LTM policies and iRules.
	CustomPolicy = "CustomPolicy"
	// IPAM is an F5 Custom Resource Kind.
	IPAM = "IPAM"
	// Service is a k8s native Service resource.
	Service = "Service"
	// Pod is a k8s native object.
	Pod = "Pod"
	// K8sSecret is the kind name of the k8s native Secret object.
	K8sSecret = "Secret"
	// Endpoints is a k8s native Endpoints resource.
	Endpoints = "Endpoints"
	// Namespace is a k8s namespace.
	Namespace = "Namespace"
	// ConfigCR is the ConfigCR resource kind.
	// NOTE(review): the earlier comment called this "k8s native"; the name
	// suggests a custom resource — confirm.
	ConfigCR = "ConfigCR"
	// Route is an OpenShift Route.
	Route = "Route"
	// NodeUpdate is the kind string used for node updates; its value is "Node".
	NodeUpdate = "Node"

	// NOTE(review): presumably the supported pool member types
	// (see Controller.PoolMemberType) — confirm.
	NodePort = "nodeport"
	Cluster  = "cluster"
	Auto     = "auto"

	// NOTE(review): presumably the roles a CIS instance can run in — confirm.
	StandAloneCIS = "standalone"
	SecondaryCIS  = "secondary"
	PrimaryCIS    = "primary"
	// NOTE(review): the earlier comment on HACIS ("Namespace is k8s namespace")
	// was a copy-paste leftover; what HACIS denotes is not shown in this block.
	HACIS = "HACIS"

	// Defaults for the primary cluster health probe.
	// NOTE(review): units are not stated here (presumably seconds) — confirm.
	DefaultProbeInterval = 60
	DefaultRetryInterval = 15

	PolicyControlForward = "forwarding"
	// IPAMNamespace is the namespace for the IPAM CRD; it is hard-coded to kube-system.
	IPAMNamespace = "kube-system"

	// TLS termination types (edge, reencrypt, passthrough) and the handling of
	// insecure (plain HTTP) traffic (redirect, allow, none). AllowSourceRange
	// and DefaultPool sit in this group but are not TLS settings.
	// NOTE(review): with TLSAllowInsecure the host presumably stays reachable
	// over unencrypted HTTP; TLSRedirectInsecure or TLSNoInsecure is the safer
	// choice unless plain HTTP is intended — confirm against the consumers.
	TLSEdge             = "edge"
	AllowSourceRange    = "allowSourceRange"
	DefaultPool         = "defaultPool"
	TLSReencrypt        = "reencrypt"
	TLSPassthrough      = "passthrough"
	TLSRedirectInsecure = "redirect"
	TLSAllowInsecure    = "allow"
	TLSNoInsecure       = "none"

	// Annotation keys in the cis.f5.com namespace (IPAM label, IP, host, health
	// monitor, policy name). Annotation values are written by whoever can edit
	// the annotated object, so they should be validated as untrusted input.
	LBServiceIPAMLabelAnnotation  = "cis.f5.com/ipamLabel"
	LBServiceIPAnnotation         = "cis.f5.com/ip"
	LBServiceHostAnnotation       = "cis.f5.com/host"
	HealthMonitorAnnotation       = "cis.f5.com/health"
	LBServicePolicyNameAnnotation = "cis.f5.com/policyName"

	// Antrea NodePortLocal support.
	NPLPodAnnotation = "nodeportlocal.antrea.io"
	NPLSvcAnnotation = "nodeportlocal.antrea.io/enabled"
	NodePortLocal    = "nodeportlocal"

	// Operation names.
	Create = "Create"
	Update = "Update"
	Delete = "Delete"

	// DefaultNativeResourceLabel is the label selector expression used for kubernetes/openshift Resources.
	DefaultNativeResourceLabel = "f5nr in (true)"

	Local = "local"

	F5RouterName = "F5 BIG-IP"

	// URL scheme names.
	HTTP  = "http"
	HTTPS = "https"

	// OVN K8S CNI: plugin name and the node annotations it uses.
	OVN_K8S                    = "ovn-k8s"
	OVNK8sNodeSubnetAnnotation = "k8s.ovn.org/node-subnets"
	OVNK8sNodeIPAnnotation     = "k8s.ovn.org/node-primary-ifaddr"
	// k8s.ovn.org/host-addresses was changed to k8s.ovn.org/host-cidrs in OpenShift 4.14,
	// so both annotation keys are declared.
	OVNK8sNodeIPAnnotation2 = "k8s.ovn.org/host-addresses"
	OvnK8sNodeIPAnnotation3 = "k8s.ovn.org/host-cidrs"

	// Cilium CNI: plugin name and two spellings of the pod-CIDR node annotation.
	CILIUM                          = "cilium"
	CiliumK8sNodeSubnetAnnotation12 = "io.cilium.network.ipv4-pod-cidr"
	CiliumK8sNodeSubnetAnnotation13 = "network.cilium.io/ipv4-pod-cidr"

	// Calico CNI: plugin name, the block-affinities API path and the node IP annotation.
	CALICO                      = "calico"
	CALICO_API_BLOCK_AFFINITIES = "/apis/crd.projectcalico.org/v1/blockaffinities"
	CALICONodeIPAnnotation      = "projectcalico.org/IPv4Address"

	// Other CNI plugin names.
	FLANNEL      = "flannel"
	ANTREA       = "antrea"
	OPENSHIFTSDN = "OpenShiftSDN"

	// Annotation keys in the virtual-server.f5.com namespace. Several of them
	// select security-relevant BIG-IP settings (WAF policy, allowed source
	// ranges, client/server SSL profiles). Annotation values are written by
	// whoever can edit the annotated object, so they should be validated as
	// untrusted input before being turned into BIG-IP configuration.
	F5VsWAFPolicy                      = "virtual-server.f5.com/waf"
	F5VsAllowSourceRangeAnnotation     = "virtual-server.f5.com/allow-source-range"
	MultiClusterServicesAnnotation     = "virtual-server.f5.com/multiClusterServices"
	F5VsBalanceAnnotation              = "virtual-server.f5.com/balance"
	F5VsAppRootAnnotation              = "virtual-server.f5.com/rewrite-app-root"
	F5VsURLRewriteAnnotation           = "virtual-server.f5.com/rewrite-target-url"
	F5ServerSslProfileAnnotation       = "virtual-server.f5.com/serverssl"
	F5ClientSslProfileAnnotation       = "virtual-server.f5.com/clientssl"
	F5HealthMonitorAnnotation          = "virtual-server.f5.com/health"
	PodConcurrentConnectionsAnnotation = "virtual-server.f5.com/pod-concurrent-connections"

	// TLSVerion1_3 is the TLSVersion value "1.3".
	// NOTE(review): the identifier is misspelled ("Verion"); it is exported, so
	// renaming it would break importers.
	TLSVerion1_3 TLSVersion = "1.3"

	// HA mode values (cisapiv1.HAModeType) and auto-monitor values
	// (cisapiv1.AutoMonitorType).
	Active          cisapiv1.HAModeType      = "active-active"
	StandBy         cisapiv1.HAModeType      = "active-standby"
	Ratio           cisapiv1.HAModeType      = "ratio"
	None            cisapiv1.AutoMonitorType = "none"
	ReadinessProbe  cisapiv1.AutoMonitorType = "readiness-probe"
	ServiceEndpoint cisapiv1.AutoMonitorType = "service-endpoint"

	// Status strings.
	Ok              = "Ok"
	UnknownResponse = "unknown response"
)
const (
	// Default ports and default SNAT setting.
	DEFAULT_HTTP_PORT  int32  = 80
	DEFAULT_HTTPS_PORT int32  = 443
	DEFAULT_SNAT       string = "auto"

	// Constants for the profile context as defined in CCCL. The earlier comment
	// names the field CustomProfile.Type; the CustomProfile struct in this
	// package carries these values in its Context field.
	CustomProfileClient string = "clientside"
	CustomProfileServer string = "serverside"

	// PeerCertRequired is a value for CustomProfile.PeerCertMode. It is the only
	// PeerCertMode value declared in this block.
	// NOTE(review): presumably it makes peer certificate validation mandatory —
	// confirm against the code that builds the profile.
	PeerCertRequired = "require"

	// HttpRedirectIRuleName is the name of the HTTP redirect iRule.
	HttpRedirectIRuleName = "http_redirect_irule"
	// HttpRedirectNoHostIRuleName is the name of the "nohost" variant of the HTTP redirect iRule.
	HttpRedirectNoHostIRuleName = "http_redirect_irule_nohost"
	// Internal data group for https redirect, followed by the names of the TLS
	// iRule and the A/B deployment path iRule.
	HttpsRedirectDgName = "https_redirect_dg"
	TLSIRuleName        = "tls_irule"
	ABPathIRuleName     = "ab_deployment_path_irule"
)
// Reference types for TLS material: they say where a profile or certificate
// referenced by a resource is taken from.
const (
	// BIGIP is the reference type for profiles stored in BIG-IP.
	BIGIP = "bigip"
	// Secret is the reference type for profiles stored as secrets in the k8s cluster.
	Secret = "secret"
	// Certificate is the reference type for routes.
	Certificate = "certificate"
	// ServiceRef is the reference type for a service.
	ServiceRef = "service"
)

constants for TLS references

// SSL option names.
// NOTE(review): presumably they identify where a resource's SSL configuration
// comes from (policy, annotation, route certificate, default profile), with
// InvalidSSLOption marking an unusable configuration — confirm against callers.
const (
	PolicySSLOption           = "policySSL"
	AnnotationSSLOption       = "annotation"
	RouteCertificateSSLOption = "routeCertificate"
	DefaultSSLOption          = "defaultSSL"
	InvalidSSLOption          = "invalid"
)

constants for SSL options

const (
	NetworkConfigInvalid   = "network config is invalid"
	NamespaceConfigInvalid = "namespace config is invalid"
	DeployConfigInvalid    = "deploy config is invalid"
)

Constants for Errors

const AbDeploymentDgName = "ab_deployment_dg"

Internal data group for ab deployment routes.

const AllowSourceRangeDgName = "allowSourceRange"
const BigIPLabel = ""
const CmDeclareApi = "/api/v1/spaces/default/appsvcs/declare"
const CmDeclareInfoApi = "/api/v1/spaces/default/appsvcs/info"
const CmDeclareTaskApi = "/api/v1/spaces/default/appsvcs/task/"
const DataGroupAllowSourceRangeType = "ip"

Allow Source Range

const DataGroupType = "string"

Internal DataGroup Default Type

const DefaultPoolsDgName = "default_pool_servername_dg"

Internal data group for default pool of a virtual server.

const EdgeHostsDgName = "ssl_edge_servername_dg"

Internal data group for edge termination.

const EdgeServerSslDgName = "ssl_edge_serverssl_dg"

Internal data group for edge termination that maps the host name to the value false. This tells the iRule that SSL should be disabled on the server side.

const PassthroughHostsDgName = "ssl_passthrough_servername_dg"

Internal data group for passthrough termination.

const ReencryptHostsDgName = "ssl_reencrypt_servername_dg"

Internal data group for reencrypt termination.

const ReencryptServerSslDgName = "ssl_reencrypt_serverssl_dg"

Internal data group for reencrypt termination that maps the host name to the server ssl profile.

Variables

var DEFAULT_GTM_PARTITION string
var DEFAULT_PARTITION string
// K8SCoreServices is a set (every key maps to true) of well-known Kubernetes
// service names.
// NOTE(review): how the set is consumed is not visible here — presumably these
// are services the controller leaves alone; confirm against callers.
// It is an exported, mutable package-level map: any importer can add or delete
// entries, and a Go map is not safe for concurrent writes, so it should be
// treated as read-only after package initialisation.
var K8SCoreServices = map[string]bool{
	"kube-dns":                    true,
	"kube-scheduler":              true,
	"kube-controller-manager":     true,
	"kube-apiserver":              true,
	"docker-registry":             true,
	"kubernetes":                  true,
	"registry-console":            true,
	"router":                      true,
	"kubelet":                     true,
	"console":                     true,
	"alertmanager-main":           true,
	"alertmanager-operated":       true,
	"cluster-monitoring-operator": true,
	"kube-state-metrics":          true,
	"node-exporter":               true,
	"kube-proxy":                  true,
	"flannel":                     true,
	"etcd":                        true,
	"antrea":                      true,
}
// OSCPCoreServices is a set (every key maps to true) of well-known OpenShift
// service names.
// NOTE(review): how the set is consumed is not visible here — presumably these
// are services the controller leaves alone; confirm against callers. The match
// is on the bare service name only (the keys carry no namespace).
// It is an exported, mutable package-level map: any importer can add or delete
// entries, and a Go map is not safe for concurrent writes, so it should be
// treated as read-only after package initialisation.
var OSCPCoreServices = map[string]bool{
	"openshift":                          true,
	"metrics":                            true,
	"api":                                true,
	"check-endpoints":                    true,
	"oauth-openshift":                    true,
	"cco-metrics":                        true,
	"machine-approver":                   true,
	"node-tuning-operator":               true,
	"performance-addon-operator-service": true,
	"cluster-storage-operator-metrics":   true,
	"csi-snapshot-controller-operator-metrics": true,
	"csi-snapshot-webhook":                     true,
	"cluster-version-operator":                 true,
	"downloads":                                true,
	"controller-manager":                       true,
	"dns-default":                              true,
	"image-registry-operator":                  true,
	"router-internal-default":                  true,
	"apiserver":                                true,
	"scheduler":                                true,
	"cluster-autoscaler-operator":              true,
	"cluster-baremetal-operator-service":       true,
	"cluster-baremetal-webhook-service":        true,
	"machine-api-controllers":                  true,
	"machine-api-operator":                     true,
	"machine-api-operator-webhook":             true,
	"machine-config-controller":                true,
	"machine-config-daemon":                    true,
	"certified-operators":                      true,
	"community-operators":                      true,
	"marketplace-operator-metrics":             true,
	"redhat-marketplace":                       true,
	"redhat-operators":                         true,
	"openshift-state-metrics":                  true,
	"telemeter-client":                         true,
	"thanos-querier":                           true,
	"multus-admission-controller":              true,
	"network-metrics-service":                  true,
	"network-check-source":                     true,
	"network-check-target":                     true,
	"catalog-operator-metrics":                 true,
	"olm-operator-metrics":                     true,
	"packageserver-service":                    true,
	"sdn":                                      true,
	"sdn-controller":                           true,
}

Functions

func AS3NameFormatter

func AS3NameFormatter(name string) string

AS3NameFormatter formats resource names according to the AS3 convention. TODO: Should we use this, or will this be done in the agent?

func DeepEqualJSON

func DeepEqualJSON(decl1, decl2 as3Declaration) bool

func JoinBigipPath

func JoinBigipPath(partition, objName string) string

func ParseRewriteAction

func ParseRewriteAction(targetUrlPath, valueUrlPath string) string

func ParseWhitelistSourceRangeAnnotations

func ParseWhitelistSourceRangeAnnotations(annotation string) []string

Types

type AS3PostManager

type AS3PostManager struct {
	AS3VersionInfo as3VersionInfo
	AS3Config      cisapiv1.AS3Config
	// contains filtered or unexported fields
}

type AlternateBackend

type AlternateBackend struct {
	Service          string `json:"service"`
	ServiceNamespace string `json:"serviceNamespace,omitempty"`
	Weight           int32  `json:"weight,omitempty"`
}

AlternateBackends lists backend svc of A/B

type AnalyticsProfiles

type AnalyticsProfiles struct {
	HTTPAnalyticsProfile string `json:"http,omitempty"`
}

type AnnotationsUsed

type AnnotationsUsed struct {
	WAF              bool
	AllowSourceRange bool
}

type BIGIPConfigs

type BIGIPConfigs []cisapiv1.BigIpConfig

BigIP struct to hold the bigip address and label for HA pairs

func (BIGIPConfigs) Len

func (configs BIGIPConfigs) Len() int

sort BIGIP config by bigip label

func (BIGIPConfigs) Less

func (configs BIGIPConfigs) Less(i, j int) bool

func (BIGIPConfigs) Swap

func (configs BIGIPConfigs) Swap(i, j int)

type BigIPSSLProfiles

type BigIPSSLProfiles struct {
	// contains filtered or unexported fields
}

type BigIpConfigMap

type BigIpConfigMap map[cisapiv1.BigIpConfig]BigIpResourceConfig

BigIpConfigMap Where key is the BigIP structure and value is the bigip-next configuration

type BigIpResourceConfig

type BigIpResourceConfig struct {
	// contains filtered or unexported fields
}

BigIpResourceConfig struct to hold the bigip-next ltm and gtm configuration

type CMConfig

// CMConfig defines the Central Manager config: the URL to reach it and the
// user name and password used to authenticate.
//
// Password is held as a plain exported string. Formatting the struct with
// %v / %+v, or marshalling it, includes the password in the output, so a
// CMConfig (or anything embedding one, such as Params.CMConfigDetails) should
// be redacted before it is logged or dumped.
type CMConfig struct {
	URL      string
	UserName string
	Password string
}

CMConfig defines the Central Manager config

type CRInformer

type CRInformer struct {
	// contains filtered or unexported fields
}

CRInformer defines the structure of Custom Resource Informer

type CacheIPAM

type CacheIPAM struct {
	IPAM *ficV1.IPAM
	sync.Mutex
}

type ClientSets

type ClientSets struct {
	KubeCRClient  versioned.Interface
	KubeClient    kubernetes.Interface
	RouteClientV1 routeclient.RouteV1Interface
}

type CommonInformer

type CommonInformer struct {
	// contains filtered or unexported fields
}

type Controller

// Controller defines the structure of the K-Native and Custom Resource
// Controller. Instances are returned by NewController and RunController.
//
// NOTE(review), to be confirmed against the implementation:
//   - PoolMemberType presumably takes one of the pool member type constants
//     (NodePort, Cluster, Auto, NodePortLocal).
//   - OrchestrationCNI presumably takes one of the CNI name constants
//     (OVN_K8S, CILIUM, CALICO, FLANNEL, ANTREA, OPENSHIFTSDN), used together
//     with StaticRoutingMode and StaticRouteNodeCIDR.
//   - CMTokenManager presumably manages the Central Manager auth token; the
//     same pointer type also appears on RequestHandler.
type Controller struct {
	PostParams      PostParams
	RequestHandler  *RequestHandler
	PoolMemberType  string
	UseNodeInternal bool

	TeemData *teem.TeemsData

	StaticRoutingMode   bool
	OrchestrationCNI    string
	StaticRouteNodeCIDR string

	CMTokenManager *tokenmanager.TokenManager

	ControllerIdentifier string
	// contains filtered or unexported fields
}

Controller defines the structure of K-Native and Custom Resource Controller

func NewController

func NewController(params Params, statusManager *statusmanager.StatusManager) *Controller

NewController creates a new Controller Instance.

func RunController

func RunController(params Params) *Controller

RunController creates a new controller and starts it.

func (*Controller) CISHealthCheckHandler

func (ctlr *Controller) CISHealthCheckHandler() http.Handler

func (*Controller) GetHostFromHostPath

func (ctlr *Controller) GetHostFromHostPath(hostPath string) string

func (*Controller) GetNodePodCIDRMap

func (ctlr *Controller) GetNodePodCIDRMap() map[string]string

func (*Controller) GetPodsForService

func (ctlr *Controller) GetPodsForService(namespace, serviceName string, nplAnnotationRequired bool) []*v1.Pod

GetPodsForService returns podList with labels set to svc selector

func (*Controller) GetPoolBackends

func (ctlr *Controller) GetPoolBackends(pool *cisapiv1.VSPool) []SvcBackendCxt

return the services associated with a virtualserver pool (svc names + weight)

func (*Controller) GetRouteBackends

func (ctlr *Controller) GetRouteBackends(route *routeapi.Route, clusterSvcs []cisapiv1.MultiClusterServiceReference) []RouteBackendCxt

GetRouteBackends returns the services associated with a route (names + weight)

func (*Controller) GetService

func (ctlr *Controller) GetService(namespace, serviceName string) *v1.Service

returns service obj with servicename

func (*Controller) GetServiceRouteWithoutHealthAnnotation

func (ctlr *Controller) GetServiceRouteWithoutHealthAnnotation(svcKey MultiClusterServiceKey) *routeapi.Route

func (*Controller) GetServicesForPod

func (ctlr *Controller) GetServicesForPod(pod *v1.Pod, clusterName string) *v1.Service

func (*Controller) HandlePathBasedABIRule

func (ctlr *Controller) HandlePathBasedABIRule(
	rsCfg *ResourceConfig,
	vsHost string,
	tlsTerminationType string,
)

func (*Controller) NewRequestHandler

func (ctlr *Controller) NewRequestHandler(userAgent string, httpClientMetrics bool)

func (*Controller) ProcessAssociatedExternalDNS

func (ctlr *Controller) ProcessAssociatedExternalDNS(hostnames []string)

func (*Controller) ProcessNodeUpdate

func (ctlr *Controller) ProcessNodeUpdate(obj interface{}, clusterName string)

ProcessNodeUpdate Check for a change in Node state

func (*Controller) ProcessRouteEDNS

func (ctlr *Controller) ProcessRouteEDNS(hosts []string)

func (*Controller) SetupNodeProcessing

func (ctlr *Controller) SetupNodeProcessing(clusterName string) error

func (*Controller) Start

func (ctlr *Controller) Start()

Start the Controller

func (*Controller) Stop

func (ctlr *Controller) Stop()

Stop the Controller

func (*Controller) UpdatePoolHealthMonitors

func (ctlr *Controller) UpdatePoolHealthMonitors(svcKey MultiClusterServiceKey)

UpdatePoolHealthMonitors needs to be called when a pod or pool member is updated.

func (*Controller) UpdatePoolMembersForNodeUpdate

func (ctlr *Controller) UpdatePoolMembersForNodeUpdate(clusterName string)

type CustomProfile

// CustomProfile is an SSL profile loaded from a Secret or Route object.
//
// Partition is tagged `json:"-"` and is left out of the JSON encoding.
// Certificates has no json tag, so encoding/json emits it under the key
// "Certificates". The certificate type is unexported and not shown here.
// NOTE(review): if certificate carries private-key material, every marshalled
// or %+v-formatted CustomProfile contains it — confirm, and keep such values
// out of logs and debug dumps.
//
// Ciphers, CipherGroup and TLS1_3Enabled select the cipher configuration;
// PeerCertMode, CAFile and ChainCA describe peer certificate handling (the
// only PeerCertMode constant declared in this package is PeerCertRequired).
type CustomProfile struct {
	Name          string `json:"name"`
	Partition     string `json:"-"`
	Context       string `json:"context"` // 'clientside', 'serverside', or 'all'
	Ciphers       string `json:"ciphers,omitempty"`
	CipherGroup   string `json:"cipherGroup,omitempty"`
	TLS1_3Enabled bool   `json:"tls1_3Enabled"`
	ServerName    string `json:"serverName,omitempty"`
	SNIDefault    bool   `json:"sniDefault,omitempty"`
	PeerCertMode  string `json:"peerCertMode,omitempty"`
	CAFile        string `json:"caFile,omitempty"`
	ChainCA       string `json:"chainCA,omitempty"`
	Certificates  []certificate
}

SSL Profile loaded from Secret or Route object

func NewCustomProfile

func NewCustomProfile(
	profile ProfileRef,
	certificates []certificate,
	serverName string,
	sni bool,
	peerCertMode,
	caFile string,
	chainCA string,
	tlsCipher cisapiv1.TLSCipher,
) CustomProfile

type CustomProfileStore

// CustomProfileStore is a store of CustomProfiles keyed by SecretKey.
//
// The sync.Mutex is embedded by value, so a CustomProfileStore must not be
// copied after first use; pass it by pointer.
// NOTE(review): the mutex presumably guards Profs, but Profs is exported, so
// nothing stops a caller from reading or writing the map without holding the
// lock — confirm that every access site locks first.
type CustomProfileStore struct {
	sync.Mutex
	Profs map[SecretKey]CustomProfile
}

Store of CustomProfiles

type DataGroupNamespaceMap

type DataGroupNamespaceMap map[string]*InternalDataGroup

type GSLBPool

type GSLBPool struct {
	Name           string    `json:"name"`
	RecordType     string    `json:"recordType"`
	LBMethod       string    `json:"LoadBalancingMode"`
	LBModeFallBack string    `json:"fallbackMode"`
	PriorityOrder  int       `json:"order"`
	Ratio          int       `json:"ratio"`
	Members        []string  `json:"members"`
	Monitors       []Monitor `json:"monitors,omitempty"`
	DataServer     string
}

type GTMConfig

type GTMConfig map[string]GTMPartitionConfig

GTMConfig key is PartitionName

type GTMPartitionConfig

type GTMPartitionConfig struct {
	// WideIPs: key is domainName, and value is WideIP
	WideIPs map[string]WideIP
}

type IRule

// IRule describes a BIG-IP iRule: its name, its partition and its code.
//
// Code is encoded under the JSON key "apiAnonymous"; Partition is tagged
// `json:"-"` and is left out of the JSON encoding.
// NOTE(review): Code is executable rule text. If any part of it is assembled
// from resource fields or annotation values, those inputs need validation
// before they are interpolated — confirm how callers of NewIRule build it.
type IRule struct {
	Name      string `json:"name"`
	Partition string `json:"-"`
	Code      string `json:"apiAnonymous"`
}

iRules

func NewIRule

func NewIRule(name, partition, code string) *IRule

type IRulesMap

type IRulesMap map[NameRef]*IRule

type InternalDataGroup

type InternalDataGroup struct {
	Name      string                   `json:"name"`
	Partition string                   `json:"-"`
	Type      string                   `json:"-"`
	Records   InternalDataGroupRecords `json:"records"`
}

func (*InternalDataGroup) AddOrUpdateRecord

func (idg *InternalDataGroup) AddOrUpdateRecord(name, data string) bool

func (*InternalDataGroup) RemoveRecord

func (idg *InternalDataGroup) RemoveRecord(name string) bool

type InternalDataGroupMap

type InternalDataGroupMap map[NameRef]DataGroupNamespaceMap

type InternalDataGroupRecord

type InternalDataGroupRecord struct {
	Name string `json:"name"`
	Data string `json:"data"`
}

type InternalDataGroupRecords

type InternalDataGroupRecords []InternalDataGroupRecord

func (InternalDataGroupRecords) Len

func (slice InternalDataGroupRecords) Len() int

func (InternalDataGroupRecords) Less

func (slice InternalDataGroupRecords) Less(i, j int) bool

func (InternalDataGroupRecords) Swap

func (slice InternalDataGroupRecords) Swap(i, j int)

type L3PostManager

type L3PostManager struct {
}

type LTMConfig

type LTMConfig map[string]*PartitionConfig

LTMConfig contain partition based ResourceMap

func (LTMConfig) GetAllPoolMembers

func (lc LTMConfig) GetAllPoolMembers() []PoolMember

type ManagedResources

type ManagedResources struct {
	ManageRoutes          bool
	ManageCustomResources bool
	ManageTransportServer bool
	ManageVirtualServer   bool
	ManageEDNS            bool
	ManageIL              bool
	ManageTLSProfile      bool
	ManageSecrets         bool
}

type Monitor

type Monitor struct {
	Name        string `json:"name"`
	Partition   string `json:"-"`
	Interval    int    `json:"interval,omitempty"`
	Type        string `json:"type,omitempty"`
	Send        string `json:"send,omitempty"`
	Recv        string `json:"recv"`
	Timeout     int    `json:"timeout,omitempty"`
	TargetPort  int32  `json:"targetPort,omitempty"`
	Path        string `json:"path,omitempty"`
	TimeUntilUp *int   `json:"timeUntilUp,omitempty"`
}

Monitor is Pool health monitor

type MonitorName

type MonitorName struct {
	Name string `json:"name"`
	// Reference is used to link existing health monitor on bigip
	Reference string `json:"reference,omitempty"`
}

type Monitors

type Monitors []Monitor

Monitors is slice of monitor

type MultiClusterPoolInformer

type MultiClusterPoolInformer struct {
	// contains filtered or unexported fields
}

type MultiClusterResourceStore

type MultiClusterResourceStore struct {
	sync.Mutex
	// contains filtered or unexported fields
}

type MultiClusterServiceConfig

type MultiClusterServiceConfig struct {
	// contains filtered or unexported fields
}

type MultiClusterServiceKey

type MultiClusterServiceKey struct {
	// contains filtered or unexported fields
}

type MultiPoolPersistence

type MultiPoolPersistence struct {
	Method  string `json:"method,omitempty"`
	TimeOut int32  `json:"timeOut,omitempty"`
}

type NPLAnnoations

type NPLAnnoations []NPLAnnotation

List of NPL annotations

type NPLAnnotation

type NPLAnnotation struct {
	PodPort  int32  `json:"podPort"`
	NodeIP   string `json:"nodeIP"`
	NodePort int32  `json:"nodePort"`
}

NPL information from pod annotation

type NPLStore

type NPLStore map[string]NPLAnnoations

key is namespace/pod. stores list of npl annotation on pod

type NRInformer

type NRInformer struct {
	// contains filtered or unexported fields
}

NRInformer is informer context for Native Resources of Kubernetes/Openshift

type NSInformer

type NSInformer struct {
	// contains filtered or unexported fields
}

type NameRef

type NameRef struct {
	Name      string `json:"name"`
	Partition string `json:"partition"`
}

virtual server policy/profile reference

type Node

type Node struct {
	Name   string
	Addr   string
	Labels map[string]string
}

type NodeInformer

type NodeInformer struct {
	// contains filtered or unexported fields
}

type NodeList

type NodeList []v1.Node

func (NodeList) Len

func (nodes NodeList) Len() int

sort Nodes by Name

func (NodeList) Less

func (nodes NodeList) Less(i, j int) bool

func (NodeList) Swap

func (nodes NodeList) Swap(i, j int)

type Params

// Params defines the parameters passed to NewController and RunController.
//
// CMConfigDetails points to the Central Manager URL and credentials (see
// CMConfig), so a Params value should not be logged or dumped wholesale.
//
// NOTE(review), to be confirmed against the implementation:
//   - CMTrustedCerts presumably holds the trusted CA certificates for the
//     Central Manager connection.
//   - CMSSLInsecure presumably disables TLS certificate verification for that
//     connection. If so, enabling it leaves the Central Manager credentials
//     open to interception, and it should stay false outside test setups.
//   - HttpAddress presumably is the address the controller's HTTP endpoint
//     (see CISHealthCheckHandler) listens on; bind it no wider than needed.
type Params struct {
	Config                *rest.Config
	ClientSets            *ClientSets
	Namespaces            []string
	UserAgent             string
	UseNodeInternal       bool
	NodePollInterval      int
	IPAM                  bool
	DefaultRouteDomain    int
	CISConfigCRKey        string
	MultiClusterMode      string
	CMConfigDetails       *CMConfig
	CMTrustedCerts        string
	CMSSLInsecure         bool
	HttpAddress           string
	ManageCustomResources bool
	// contains filtered or unexported fields
}

Params defines parameters

type PartitionConfig

type PartitionConfig struct {
	ResourceMap   ResourceMap
	Priority      *int
	PriorityMutex sync.RWMutex
}

PartitionConfig contains ResourceMap and priority of partition

type Policies

type Policies []Policy

Policies is slice of policy

type Policy

type Policy struct {
	Name        string   `json:"name"`
	Partition   string   `json:"-"`
	SubPath     string   `json:"subPath,omitempty"`
	Controls    []string `json:"controls,omitempty"`
	Description string   `json:"description,omitempty"`
	Legacy      bool     `json:"legacy,omitempty"`
	Requires    []string `json:"requires,omitempty"`
	Rules       Rules    `json:"rules,omitempty"`
	Strategy    string   `json:"strategy,omitempty"`
}

Policy Virtual policy

func (*Policy) AddRules

func (pol *Policy) AddRules(rls *Rules)

type Pool

// Pool is the pool config.
//
// Fields tagged `json:"-"` (Partition, ServiceName, ServiceNamespace,
// ServicePort, NodeMemberLabel, Cluster, ConnectionLimit) are left out of the
// JSON encoding.
//
// NOTE(review): MultiClusterServices is tagged `json:"_"`, not `json:"-"`.
// With "_" encoding/json does NOT skip the field; it is emitted under the
// literal key "_". Every other internal field here uses "-", so this looks
// like a typo — confirm whether the field is meant to be serialised, since a
// marshalled Pool currently carries the multi-cluster service references.
type Pool struct {
	Name                 string                                  `json:"name"`
	Partition            string                                  `json:"-"`
	ServiceName          string                                  `json:"-"`
	ServiceNamespace     string                                  `json:"-"`
	ServicePort          intstr.IntOrString                      `json:"-"`
	Balance              string                                  `json:"loadBalancingMethod,omitempty"`
	Members              []PoolMember                            `json:"members"`
	NodeMemberLabel      string                                  `json:"-"`
	MonitorNames         []MonitorName                           `json:"monitors,omitempty"`
	MinimumMonitors      intstr.IntOrString                      `json:"minimumMonitors,omitempty"`
	ReselectTries        int32                                   `json:"reselectTries,omitempty"`
	ServiceDownAction    string                                  `json:"serviceDownAction,omitempty"`
	SlowRampTime         int32                                   `json:"slowRampTime,omitempty"`
	Weight               int32                                   `json:"weight,omitempty"`
	AlternateBackends    []AlternateBackend                      `json:"alternateBackends"`
	MultiClusterServices []cisapiv1.MultiClusterServiceReference `json:"_"`
	Cluster              string                                  `json:"-"`
	ConnectionLimit      int32                                   `json:"-"`
}

Pool config

type PoolIdentifier

type PoolIdentifier struct {
	// contains filtered or unexported fields
}

type PoolMember

type PoolMember struct {
	Address         string `json:"address"`
	Port            int32  `json:"port"`
	MemberType      string `json:"memberType"`
	SvcPort         int32  `json:"svcPort,omitempty"`
	Session         string `json:"session,omitempty"`
	AdminState      string `json:"adminState,omitempty"`
	ConnectionLimit int32  `json:"connectionLimit,omitempty"`
}

type PoolMemberCache

type PoolMemberCache map[MultiClusterServiceKey]*poolMembersInfo

PoolMemberCache key is namespace/service

type Pools

type Pools []Pool

Pools is slice of pool

type PostManager

type PostManager struct {
	AS3PostManager *AS3PostManager
	L3PostManager  *L3PostManager

	PostParams
	// contains filtered or unexported fields
}

func NewPostManager

func NewPostManager(params PostParams, partition string) *PostManager

func (*PostManager) GetAS3DeclarationFromBigIP

func (postMgr *PostManager) GetAS3DeclarationFromBigIP() (map[string]interface{}, error)

func (*PostManager) GetBigipAS3Version

func (postMgr *PostManager) GetBigipAS3Version() (string, string, string, error)

func (*PostManager) GetBigipRegKey

func (postMgr *PostManager) GetBigipRegKey() (string, error)

GetBigipRegKey ...

type PostManagers

// PostManagers maps each BIG-IP config to its PostManager.
//
// The sync.RWMutex is embedded by value, so a PostManagers value must not be
// copied after first use. RequestHandler holds a PostManagers by value, which
// makes RequestHandler non-copyable as well.
// NOTE(review): the lock presumably guards PostManagerMap, but the map is
// exported, so callers can touch it without locking — confirm that every
// access site takes the lock.
type PostManagers struct {
	sync.RWMutex
	PostManagerMap map[cisapiv1.BigIpConfig]*PostManager
}

type PostParams

type PostParams struct {
	HTTPClientMetrics bool

	AS3Config cisapiv1.AS3Config

	UserAgent string
	// contains filtered or unexported fields
}

type PrimaryClusterHealthProbeParams

type PrimaryClusterHealthProbeParams struct {
	EndPoint     string
	EndPointType string
	// contains filtered or unexported fields
}

type ProcessedHostPath

type ProcessedHostPath struct {
	sync.Mutex
	// contains filtered or unexported fields
}

Store of CustomProfiles

type ProfileHTTP2

type ProfileHTTP2 struct {
	Client string `json:"client,omitempty"`
	Server string `json:"server,omitempty"`
}

type ProfileRef

// ProfileRef is a reference to a pre-existing profile, identified by name and
// partition. Namespace and BigIPProfile are tagged `json:"-"` and are left out
// of the JSON encoding.
type ProfileRef struct {
	Name      string `json:"name"`
	Partition string `json:"partition"`
	Context   string `json:"context"` // 'clientside', 'serverside', or 'all'
	// Namespace records which Namespace/Ingress this profile came from
	// (used for deletion).
	Namespace    string `json:"-"`
	BigIPProfile bool   `json:"-"`
}

ProfileRef is a Reference to pre-existing profiles

func ConvertStringToProfileRef

func ConvertStringToProfileRef(profileName, context, ns string) ProfileRef

ConvertStringToProfileRef converts strings to profile references

type ProfileRefs

type ProfileRefs []ProfileRef

ProfileRefs is a list of ProfileRef

func (ProfileRefs) Len

func (slice ProfileRefs) Len() int

func (ProfileRefs) Less

func (slice ProfileRefs) Less(i, j int) bool

func (ProfileRefs) Swap

func (slice ProfileRefs) Swap(i, j int)

type ProfileTCP

type ProfileTCP struct {
	Client string `json:"client,omitempty"`
	Server string `json:"server,omitempty"`
}

type RequestHandler

// RequestHandler holds the post managers, post parameters, Central Manager
// token manager and HA settings; EnqueueRequestConfig is its exported method.
//
// PostManagers is held by value and embeds a sync.RWMutex, so a
// RequestHandler must not be copied after first use; Controller refers to it
// through a pointer.
// NOTE(review): CMTokenManager presumably manages the Central Manager auth
// token — confirm, and keep RequestHandler values out of verbose (%+v) logs
// if the token is reachable through it.
type RequestHandler struct {
	PostManagers PostManagers

	PostParams PostParams

	CMTokenManager                  *tokenmanager.TokenManager
	HAMode                          bool
	PrimaryClusterHealthProbeParams PrimaryClusterHealthProbeParams
	// contains filtered or unexported fields
}

func (*RequestHandler) EnqueueRequestConfig

func (req *RequestHandler) EnqueueRequestConfig(rsConfig ResourceConfigRequest)

type ResourceConfig

type ResourceConfig struct {
	MetaData       metaData         `json:"-"`
	Virtual        Virtual          `json:"virtual,omitempty"`
	Pools          Pools            `json:"pools,omitempty"`
	Policies       Policies         `json:"policies,omitempty"`
	Monitors       []Monitor        `json:"monitors,omitempty"`
	ServiceAddress []ServiceAddress `json:"serviceAddress,omitempty"`
	IRulesMap      IRulesMap
	IntDgMap       InternalDataGroupMap
	// contains filtered or unexported fields
}

ResourceConfig contains a set of LTM resources to create a Virtual Server

func (*ResourceConfig) AddRuleToPolicy

func (rsCfg *ResourceConfig) AddRuleToPolicy(policyName, partition string, rules *Rules)

func (*ResourceConfig) FindPolicy

func (rc *ResourceConfig) FindPolicy(controlType string) *Policy

FindPolicy gets the information of a policy

func (*ResourceConfig) GetName

func (cfg *ResourceConfig) GetName() string

func (*ResourceConfig) SetPolicy

func (rc *ResourceConfig) SetPolicy(policy Policy)

SetPolicy sets a policy

type ResourceConfigRequest

type ResourceConfigRequest struct {
	// contains filtered or unexported fields
}

ResourceConfigRequest Each BigIPConfig per BigIP HA pair to put into the queue to process

type ResourceConfigs

type ResourceConfigs []*ResourceConfig

ResourceConfigs is group of ResourceConfig

type ResourceMap

type ResourceMap map[string]*ResourceConfig

ResourceMap key is resource name, value is pointer to config. May be shared.

type ResourceSelectorConfig

type ResourceSelectorConfig struct {
	NamespaceLabel string
	NodeLabel      string
	RouteLabel     string
	// contains filtered or unexported fields
}

type ResourceStore

type ResourceStore struct {
	// contains filtered or unexported fields
}

ResourceStore contain processed LTM and GTM resource data

func NewResourceStore

func NewResourceStore() *ResourceStore

NewResourceStore is Constructor for ResourceStore

func (*ResourceStore) Init

func (rs *ResourceStore) Init()

Init is Receiver to initialize the object.

type RouteBackendCxt

type RouteBackendCxt struct {
	Weight       float64
	Name         string
	Cluster      string
	SvcNamespace string
}

type Rule

type Rule struct {
	Name       string       `json:"name"`
	FullURI    string       `json:"-"`
	Ordinal    int          `json:"ordinal,omitempty"`
	Actions    []*action    `json:"actions,omitempty"`
	Conditions []*condition `json:"conditions,omitempty"`
}

Rule config for a Policy

type Rules

type Rules []*Rule

Rules is a slice of Rule

func (Rules) Len

func (rules Rules) Len() int

func (Rules) Less

func (rules Rules) Less(i, j int) bool

func (Rules) Swap

func (rules Rules) Swap(i, j int)

type SecretKey

// SecretKey is a pair of names with no struct tags.
//
// NOTE(review): presumably a lookup key that ties a Kubernetes Secret name to
// the resource that references it - confirm. Both fields are plain name
// strings; nothing on this page shows secret material being stored here.
type SecretKey struct {
	Name         string
	ResourceName string
}

type ServiceAddress

// ServiceAddress is the Service IP address definition (BIG-IP virtual-address).
//
// Every field is tagged omitempty, so a zero value (false or "") is left out
// of the JSON. For the two bool fields this means an explicit false cannot be
// told apart from "not set" once encoded.
// NOTE(review): whichever default the consumer applies for a missing key then
// decides ARP, ICMP echo and route advertisement behaviour - confirm that the
// default is the intended exposure for the address.
type ServiceAddress struct {
	ArpEnabled         bool   `json:"arpEnabled,omitempty"`
	ICMPEcho           string `json:"icmpEcho,omitempty"`
	RouteAdvertisement string `json:"routeAdvertisement,omitempty"`
	TrafficGroup       string `json:"trafficGroup,omitempty"`
	SpanningEnabled    bool   `json:"spanningEnabled,omitempty"`
}

ServiceAddress Service IP address definition (BIG-IP virtual-address).

type ServiceTypeLBHealthMonitor

// ServiceTypeLBHealthMonitor is the format of one item in the health monitor
// annotation used on ServiceType LB objects.
//
// Both fields are always present in the JSON form (no omitempty).
// NOTE(review): the values originate from an object annotation, i.e. from
// whoever can edit the Service. int accepts zero and negative numbers and no
// range or interval-vs-timeout check is visible on this page - confirm that
// the decoder validates them. Units are not stated here.
type ServiceTypeLBHealthMonitor struct {
	Interval int `json:"interval"`
	Timeout  int `json:"timeout"`
}

This is the format for each item in the health monitor annotation used in the ServiceType LB objects.

type Services

type Services []*v1.Service

func (Services) Len

func (svcs Services) Len() int

Len is part of the Len/Less/Swap method set used to sort Services by timestamp.

func (Services) Less

func (svcs Services) Less(i, j int) bool

func (Services) Swap

func (svcs Services) Swap(i, j int)

type SourceAddrTranslation

// SourceAddrTranslation is the Virtual Server source address translation
// setting.
type SourceAddrTranslation struct {
	// Always encoded; an unset value is written as "type":"".
	// NOTE(review): the set of accepted type strings is not shown on this page.
	Type string `json:"type"`
	// Dropped from the JSON when empty.
	// NOTE(review): presumably the name of a SNAT pool - confirm.
	Pool string `json:"pool,omitempty"`
}

SourceAddrTranslation is Virtual Server Source Address Translation

type SvcBackendCxt

// SvcBackendCxt describes one service backend by name, namespace and cluster,
// together with a weight.
//
// Only SvcNamespace has a JSON tag; the other fields would be encoded under
// their Go names ("Weight", "Name", "Cluster").
type SvcBackendCxt struct {
	// NOTE(review): float64 admits negative values and NaN; no range check is
	// visible on this page - confirm where the weight is validated.
	Weight       float64
	Name         string
	// Dropped from the JSON when empty.
	SvcNamespace string `json:"svcNamespace,omitempty"`
	Cluster      string
}

type TLSContext

type TLSContext struct {
	// contains filtered or unexported fields
}

type TLSVersion

type TLSVersion string

type VSSpecProperties

// VSSpecProperties carries a single boolean property.
type VSSpecProperties struct {
	// NOTE(review): the name suggests "WAF is configured at pool level" -
	// confirm against the code that sets and reads it.
	PoolWAF bool
}

type Virtual

// Virtual is the virtual server configuration. The struct tags below define
// its JSON form; fields tagged `json:"-"` (Partition, VirtualAddress,
// TLSTermination) are never encoded.
//
// NOTE(review): most policy-bearing fields use omitempty, so an unset value
// and an explicit empty value both vanish from the JSON. How the consumer of
// that JSON treats a missing key is not visible on this page - confirm it
// before relying on an empty value to mean "disabled" or "unrestricted".
type Virtual struct {
	Name                       string                `json:"name"`
	// Encoded under the key "pool".
	PoolName                   string                `json:"pool,omitempty"`
	// Go-side only; excluded from JSON.
	Partition                  string                `json:"-"`
	Destination                string                `json:"destination"`
	// No omitempty: false is written out explicitly as "enabled":false.
	Enabled                    bool                  `json:"enabled"`
	IpProtocol                 string                `json:"ipProtocol,omitempty"`
	// SourceAddrTranslation is a struct type; encoding/json never treats a
	// struct value as empty, so omitempty has no effect and the key is always
	// emitted (with "type":"" when unset).
	SourceAddrTranslation      SourceAddrTranslation `json:"sourceAddressTranslation,omitempty"`
	Policies                   []nameRef             `json:"policies,omitempty"`
	Profiles                   ProfileRefs           `json:"profiles,omitempty"`
	// Encoded under the key "rules".
	IRules                     []string              `json:"rules,omitempty"`
	Description                string                `json:"description,omitempty"`
	// Go-side only; excluded from JSON.
	VirtualAddress             *virtualAddress       `json:"-"`
	AdditionalVirtualAddresses []string              `json:"additionalVirtualAddresses,omitempty"`
	SNAT                       string                `json:"snat,omitempty"`
	ConnectionMirroring        string                `json:"connectionMirroring,omitempty"`
	// NOTE(review): WAF, Firewall, LogProfiles, ProfileDOS, ProfileBotDefense
	// and IpIntelligencePolicy look like references to BIG-IP security
	// objects - confirm. An empty value drops the key entirely, so a
	// protection that failed to resolve upstream is encoded the same way as
	// one that was never requested.
	WAF                        string                `json:"waf,omitempty"`
	// Encoded under the key "firewallPolicy".
	Firewall                   string                `json:"firewallPolicy,omitempty"`
	LogProfiles                []string              `json:"logProfiles,omitempty"`
	ProfileL4                  string                `json:"profileL4,omitempty"`
	ProfileMultiplex           string                `json:"profileMultiplex,omitempty"`
	ProfileWebSocket           string                `json:"profileWebSocket,omitempty"`
	ProfileDOS                 string                `json:"profileDOS,omitempty"`
	ProfileBotDefense          string                `json:"profileBotDefense,omitempty"`
	// ProfileTCP and ProfileHTTP2 are declared outside this view; if they are
	// struct types, omitempty has no effect on them either.
	TCP                        ProfileTCP            `json:"tcp,omitempty"`
	HTTP2                      ProfileHTTP2          `json:"http2,omitempty"`
	Mode                       string                `json:"mode,omitempty"`
	// No omitempty on the two translate flags: false is always written out.
	TranslateServerAddress     bool                  `json:"translateServerAddress"`
	TranslateServerPort        bool                  `json:"translateServerPort"`
	// NOTE(review): Source, AllowVLANs and AllowSourceRange look like
	// restrictions on where client traffic may come from - confirm. A nil or
	// empty value is omitted from the JSON; verify the consumer does not read
	// a missing key as "allow all" where a restriction was intended.
	Source                     string                `json:"source,omitempty"`
	AllowVLANs                 []string              `json:"allowVlans,omitempty"`
	PersistenceProfile         string                `json:"persistenceProfile,omitempty"`
	// Go-side only; excluded from JSON.
	TLSTermination             string                `json:"-"`
	AllowSourceRange           []string              `json:"allowSourceRange,omitempty"`
	// Pointer so that nil (omitted) and an explicit false (emitted) differ.
	HttpMrfRoutingEnabled      *bool                 `json:"httpMrfRoutingEnabled,omitempty"`
	IpIntelligencePolicy       string                `json:"ipIntelligencePolicy,omitempty"`
	// Encoded under the key "lastHop", which differs from the field name.
	AutoLastHop                string                `json:"lastHop,omitempty"`
	// AnalyticsProfiles and MultiPoolPersistence are declared outside this
	// view; omitempty only helps if they are not plain struct values.
	AnalyticsProfiles          AnalyticsProfiles     `json:"analyticsProfiles,omitempty"`
	MultiPoolPersistence       MultiPoolPersistence  `json:"multiPoolPersistence,omitempty"`
}

Virtual server config

func (*Virtual) AddIRule

func (v *Virtual) AddIRule(ruleName string) bool

AddIRule adds an iRule reference to a Virtual object.

func (*Virtual) AddOrUpdateProfile

func (v *Virtual) AddOrUpdateProfile(prof ProfileRef) bool

AddOrUpdateProfile adds or updates a profile on the Virtual.

func (*Virtual) SetVirtualAddress

func (v *Virtual) SetVirtualAddress(bindAddr string, port int32)

SetVirtualAddress sets a VirtualAddress

type Virtuals

type Virtuals []Virtual

Virtuals is a slice of Virtual.

type WideIP

// WideIP is one wide IP entry with its pools. All tagged fields are always
// encoded except ClientSubnetPreferred, which is omitted when nil.
type WideIP struct {
	// Encoded under the key "name".
	DomainName            string     `json:"name"`
	// Pointer so that nil (omitted) and an explicit false (emitted) differ.
	ClientSubnetPreferred *bool      `json:"clientSubnetPreferred,omitempty"`
	RecordType            string     `json:"recordType"`
	// The key is "LoadBalancingMode" with a capital L, unlike the camelCase
	// keys used by the other fields; consumers matching keys case-sensitively
	// must use this exact spelling.
	LBMethod              string     `json:"LoadBalancingMode"`
	PersistenceEnabled    bool       `json:"persistenceEnabled"`
	// NOTE(review): presumably CIDR prefix lengths - confirm. uint8 allows
	// 0-255, which is wider than a valid IPv4 (0-32) or IPv6 (0-128) prefix,
	// and no range check is visible on this page.
	PersistCidrIPv4       uint8      `json:"persistCidrIpv4"`
	PersistCidrIPv6       uint8      `json:"persistCidrIpv6"`
	// Units are not stated on this page.
	TTLPersistence        uint32     `json:"ttlPersistence"`
	// No omitempty: a nil slice is encoded as "pools":null.
	Pools                 []GSLBPool `json:"pools"`
	// Untagged, so encoding/json writes it under the key "UID".
	// NOTE(review): confirm whether this identifier is meant to appear in the
	// payload; tag it with "-" if it is Go-side bookkeeping only.
	UID                   string
}

type WideIPs

// WideIPs wraps a list of WideIP values under the JSON key "wideIPs".
type WideIPs struct {
	// No omitempty: a nil slice is encoded as "wideIPs":null rather than being
	// left out.
	WideIPs []WideIP `json:"wideIPs"`
}
