v1alpha1

package
v0.1.0
Warning

This package is not in the latest version of its module.

Published: Dec 13, 2022 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the cloudsql v1alpha1 API group: the custom resource AuthProxyWorkload, version v1alpha1. This follows the kubebuilder pattern for defining custom resources.

+kubebuilder:object:generate=true +groupName=cloudsql.cloud.google.com

Constants

const (
	// ErrorCodePortConflict occurs when an explicit port assignment for a workload
	// is in conflict with a port assignment from the pod or another proxy container.
	ErrorCodePortConflict = "PortConflict"

	// ErrorCodeEnvConflict occurs when the environment code does not work.
	ErrorCodeEnvConflict = "EnvVarConflict"

	// AnnotationPrefix is used as the prefix for all annotations added to a domain object
	// to hold metadata related to this operator.
	AnnotationPrefix = "cloudsql.cloud.google.com"

	// ConditionUpToDate indicates whether the reconciliation loop
	// has properly processed the latest generation of an AuthProxyInstance
	ConditionUpToDate = "UpToDate"

	// ReasonStartedReconcile relates to condition UpToDate, this reason is set
	// when the resource is not up to date because reconcile has started, but not
	// finished.
	ReasonStartedReconcile = "StartedReconcile"

	// ReasonFinishedReconcile relates to condition UpToDate, this reason is set
	// when the resource reconcile has finished running.
	ReasonFinishedReconcile = "FinishedReconcile"

	// ReasonNoWorkloadsFound relates to condition UpToDate, this reason is set
	// when there are no workloads related to this AuthProxyWorkload resource.
	ReasonNoWorkloadsFound = "NoWorkloadsFound"

	// ConditionWorkloadUpToDate indicates whether the reconciliation loop
	// has properly processed the latest generation of an AuthProxyInstance
	ConditionWorkloadUpToDate = "WorkloadUpToDate"

	// ReasonUpToDate relates to condition WorkloadUpToDate, this reason is set
	// when there are no workloads related to this AuthProxyWorkload resource.
	ReasonUpToDate = "UpToDate"
)

Variables

var (
	// GroupVersion is the group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: "cloudsql.cloud.google.com", Version: "v1alpha1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

This section is empty.

Types

type AuthProxyContainerSpec

type AuthProxyContainerSpec struct {

	// Container is a debugging parameter that when specified will override the
	// proxy container with a completely custom Container spec.
	//+kubebuilder:validation:Optional
	Container *v1.Container `json:"container,omitempty"`

	// Resources specifies the resources required for the proxy pod.
	//+kubebuilder:validation:Optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`

	// MaxConnections limits the number of connections. Default value is no limit.
	// This sets the proxy container's CLI argument `--max-connections`
	//+kubebuilder:validation:Optional
	MaxConnections *int64 `json:"maxConnections,omitempty"`

	// MaxSigtermDelay is the maximum number of seconds to wait for connections to close after receiving a TERM signal.
	// This sets the proxy container's CLI argument `--max-sigterm-delay` and
	// configures `terminationGracePeriodSeconds` on the workload's PodSpec.
	//+kubebuilder:validation:Optional
	MaxSigtermDelay *int64 `json:"maxSigtermDelay,omitempty"`

	// SQLAdminAPIEndpoint is a debugging parameter that when specified will
	// change the Google Cloud API endpoint used by the proxy.
	//+kubebuilder:validation:Optional
	SQLAdminAPIEndpoint string `json:"sqlAdminAPIEndpoint,omitempty"`

	// Image is the URL to the proxy image. Optional, by default the operator
	// will use the latest known compatible proxy image.
	//+kubebuilder:validation:Optional
	Image string `json:"image,omitempty"`
}

AuthProxyContainerSpec specifies configuration for the proxy container.

func (*AuthProxyContainerSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthProxyContainerSpec.

func (*AuthProxyContainerSpec) DeepCopyInto

func (in *AuthProxyContainerSpec) DeepCopyInto(out *AuthProxyContainerSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthProxyWorkload

type AuthProxyWorkload struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AuthProxyWorkloadSpec   `json:"spec,omitempty"`
	Status AuthProxyWorkloadStatus `json:"status,omitempty"`
}

AuthProxyWorkload declares how a Cloud SQL Proxy container should be applied to a matching set of workloads, and shows the status of those proxy containers. This is the Schema for the authproxyworkloads API.

+kubebuilder:object:root=true +kubebuilder:subresource:status

func (*AuthProxyWorkload) DeepCopy

func (in *AuthProxyWorkload) DeepCopy() *AuthProxyWorkload

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthProxyWorkload.

func (*AuthProxyWorkload) DeepCopyInto

func (in *AuthProxyWorkload) DeepCopyInto(out *AuthProxyWorkload)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthProxyWorkload) DeepCopyObject

func (in *AuthProxyWorkload) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthProxyWorkload) Default

func (r *AuthProxyWorkload) Default()

Default implements webhook.Defaulter so a webhook will be registered for the type

func (*AuthProxyWorkload) SetupWebhookWithManager

func (r *AuthProxyWorkload) SetupWebhookWithManager(mgr ctrl.Manager) error

func (*AuthProxyWorkload) ValidateCreate

func (r *AuthProxyWorkload) ValidateCreate() error

ValidateCreate implements webhook.Validator so a webhook will be registered for the type

func (*AuthProxyWorkload) ValidateDelete

func (r *AuthProxyWorkload) ValidateDelete() error

ValidateDelete implements webhook.Validator so a webhook will be registered for the type

func (*AuthProxyWorkload) ValidateUpdate

func (r *AuthProxyWorkload) ValidateUpdate(_ runtime.Object) error

ValidateUpdate implements webhook.Validator so a webhook will be registered for the type

type AuthProxyWorkloadList

type AuthProxyWorkloadList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AuthProxyWorkload `json:"items"`
}

AuthProxyWorkloadList contains a list of AuthProxyWorkload and is part of the authproxyworkloads API.

+kubebuilder:object:root=true

func (*AuthProxyWorkloadList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthProxyWorkloadList.

func (*AuthProxyWorkloadList) DeepCopyInto

func (in *AuthProxyWorkloadList) DeepCopyInto(out *AuthProxyWorkloadList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthProxyWorkloadList) DeepCopyObject

func (in *AuthProxyWorkloadList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AuthProxyWorkloadSpec

type AuthProxyWorkloadSpec struct {
	// Workload selects the workload to
	//+kubebuilder:validation:Required
	Workload WorkloadSelectorSpec `json:"workloadSelector"`

	// AuthProxyContainer describes the resources and config for the Auth Proxy container
	//+kubebuilder:validation:Optional
	AuthProxyContainer *AuthProxyContainerSpec `json:"authProxyContainer,omitempty"`

	// Instances lists the Cloud SQL instances to connect
	//+kubebuilder:validation:Required
	//+kubebuilder:validation:MinItems=1
	Instances []InstanceSpec `json:"instances"`
}

AuthProxyWorkloadSpec defines the desired state of AuthProxyWorkload

func (*AuthProxyWorkloadSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthProxyWorkloadSpec.

func (*AuthProxyWorkloadSpec) DeepCopyInto

func (in *AuthProxyWorkloadSpec) DeepCopyInto(out *AuthProxyWorkloadSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthProxyWorkloadStatus

type AuthProxyWorkloadStatus struct {

	// Conditions show the overall status of the AuthProxyWorkload resource on all
	// matching workloads.
	//
	// The "UpToDate" condition indicates that the proxy was successfully
	// applied to all matching workloads. See ConditionUpToDate.
	Conditions []*metav1.Condition `json:"conditions,omitempty"`

	// WorkloadStatus presents the observed status of individual workloads that match
	// this AuthProxyWorkload resource.
	WorkloadStatus []*WorkloadStatus `json:"WorkloadStatus,omitempty"`
}

AuthProxyWorkloadStatus presents the observed state of AuthProxyWorkload using standard Kubernetes Conditions.

func (*AuthProxyWorkloadStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthProxyWorkloadStatus.

func (*AuthProxyWorkloadStatus) DeepCopyInto

func (in *AuthProxyWorkloadStatus) DeepCopyInto(out *AuthProxyWorkloadStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type InstanceSpec

type InstanceSpec struct {

	// ConnectionString is the Cloud SQL instance.
	//+kubebuilder:validation:Required
	ConnectionString string `json:"connectionString,omitempty"`

	// Port sets the tcp port for this instance. Optional, if not set, a value will
	// be automatically assigned by the operator and set as an environment variable
	// on all containers in the workload named according to PortEnvName. The operator will choose
	// a port so that it does not conflict with other ports on the workload.
	//+kubebuilder:validation:Optional
	Port *int32 `json:"port,omitempty"`

	// AutoIAMAuthN Enables IAM Authentication for this instance. Optional, default
	// false.
	//+kubebuilder:validation:Optional
	AutoIAMAuthN *bool `json:"autoIAMAuthN,omitempty"`

	// PrivateIP Enable connection to the Cloud SQL instance's private ip for this instance.
	// Optional, default false.
	//+kubebuilder:validation:Optional
	PrivateIP *bool `json:"privateIP,omitempty"`

	// PortEnvName is the name of the environment variable containing this instance's tcp port.
	// Optional, when set this environment variable will be added to all containers in the workload.
	//+kubebuilder:validation:Optional
	PortEnvName string `json:"portEnvName,omitempty"`

	// HostEnvName is the name of the environment variable containing this instance's tcp hostname.
	// Optional, when set this environment variable will be added to all containers in the workload.
	//+kubebuilder:validation:Optional
	HostEnvName string `json:"hostEnvName,omitempty"`
}

InstanceSpec describes the configuration for how the proxy should expose a Cloud SQL database instance to a workload. The simplest possible configuration declares just the connection string and the port number or unix socket.

For example, for a TCP port:

{ "connectionString":"my-project:us-central1:my-db-server", "port":5000 }

or for a unix socket:

{ "connectionString":"my-project:us-central1:my-db-server",
  "unixSocketPath" : "/mnt/db/my-db-server" }

You may allow the operator to choose a non-conflicting TCP port or unix socket instead of explicitly setting the port or socket path. This may be easier to manage when a workload needs to connect to many databases.

For example, for a TCP port:

{ "connectionString":"my-project:us-central1:my-db-server",
  "portEnvName":"MY_DB_SERVER_PORT",
  "hostEnvName":"MY_DB_SERVER_HOST"
 }

will set the environment variables MY_DB_SERVER_PORT and MY_DB_SERVER_HOST to the TCP port and hostname. The application can then read these values to connect to the database through the proxy.

or for a unix socket:

{ "connectionString":"my-project:us-central1:my-db-server",
  "unixSocketPathEnvName" : "MY_DB_SERVER_SOCKET_DIR" }

will set the environment variable MY_DB_SERVER_SOCKET_DIR to the unix socket path. The application can then read this value to connect to the database through the proxy.
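The port rule described for InstanceSpec.Port and ErrorCodePortConflict, as an added example that is not the operator's own code: explicit ports must not collide with ports already used on the workload, and instances without a port receive the next free one. The `instance` type, `assignPorts`, the starting port 5000 and the sample connection strings are assumptions of this example.

```go
package main

import "fmt"

// instance stands in for InstanceSpec (hypothetical local type for this example).
type instance struct {
	ConnectionString string
	Port             *int32 // nil: let the operator choose
}

const errorCodePortConflict = "PortConflict" // value of ErrorCodePortConflict on this page
const firstAutoPort int32 = 5000             // assumed start of the automatic range

// assignPorts maps each connection string to a port. inUse holds ports already
// claimed by the pod's containers or by another proxy container.
func assignPorts(instances []instance, inUse map[int32]bool) (map[string]int32, error) {
	taken := map[int32]bool{}
	for p := range inUse {
		taken[p] = true
	}
	out := map[string]int32{}
	// Pass 1: an explicit port must be free, otherwise the spec is rejected.
	for _, in := range instances {
		if in.Port == nil {
			continue
		}
		if taken[*in.Port] {
			return nil, fmt.Errorf("%s: port %d for %s", errorCodePortConflict, *in.Port, in.ConnectionString)
		}
		taken[*in.Port], out[in.ConnectionString] = true, *in.Port
	}
	// Pass 2: instances without a port get the next free one.
	next := firstAutoPort
	for _, in := range instances {
		if in.Port == nil {
			for taken[next] {
				next++
			}
			taken[next], out[in.ConnectionString] = true, next
		}
	}
	return out, nil
}

func main() {
	p := int32(5000) // constructed sample input
	fmt.Println(assignPorts([]instance{{"my-project:us-central1:db-a", nil},
		{"my-project:us-central1:db-b", &p}}, map[int32]bool{5001: true, 8080: true}))
}
```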

func (*InstanceSpec) DeepCopy

func (in *InstanceSpec) DeepCopy() *InstanceSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstanceSpec.

func (*InstanceSpec) DeepCopyInto

func (in *InstanceSpec) DeepCopyInto(out *InstanceSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkloadSelectorSpec

type WorkloadSelectorSpec struct {
	// Selector selects resources using labels. See "Label selectors" in the kubernetes docs
	// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
	//+kubebuilder:validation:Optional
	Selector *metav1.LabelSelector `json:"selector,omitempty"`

	// Kind specifies what kind of workload
	// Supported kinds: Deployment, StatefulSet, Pod, ReplicaSet, DaemonSet, Job, CronJob
	// Example: "Deployment", "Deployment.v1" or "Deployment.v1.apps".
	//+kubebuilder:validation:Required
	//+kubebuilder:validation:Pattern=\w+(\.\w+)*
	Kind string `json:"kind"`

	// Namespace specifies namespace in which to select the resource.
	// Optional, defaults to the namespace of the AuthProxyWorkload resource.
	// All or Wildcard namespaces are not supported.
	//+kubebuilder:validation:Optional
	Namespace string `json:"namespace,omitempty"`

	// Name specifies the name of the resource to select.
	//+kubebuilder:validation:Optional
	Name string `json:"name,omitempty"`
}

WorkloadSelectorSpec describes which workloads should be configured with this proxy configuration. To be valid, WorkloadSelectorSpec must specify Kind and either Name or Selector.

func (*WorkloadSelectorSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadSelectorSpec.

func (*WorkloadSelectorSpec) DeepCopyInto

func (in *WorkloadSelectorSpec) DeepCopyInto(out *WorkloadSelectorSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*WorkloadSelectorSpec) LabelsSelector

func (s *WorkloadSelectorSpec) LabelsSelector() (labels.Selector, error)

LabelsSelector converts the Selector field into a controller-runtime labels.Selector for convenient use in the controller. If the Selector field is nil, returns an empty selector which will match all labels.
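The validity rule for WorkloadSelectorSpec and the nil-Selector behaviour of LabelsSelector, as an added example that is not the project's webhook code: a spec with neither Name nor Selector is rejected, because a nil Selector would otherwise convert to a match-all selector. It also shows that the Kind pattern as written is unanchored and accepts strings that merely contain a valid kind; `selectorSpec`, `validateSelector` and the anchored pattern are assumptions of this example.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// selectorSpec mirrors WorkloadSelectorSpec with local types (hypothetical stand-in);
// HasSelector stands for a non-nil Selector field.
type selectorSpec struct {
	Kind, Namespace, Name string
	HasSelector           bool
}

// asWritten is the Pattern marker from the page; anchored adds ^ and $ (this example's
// choice), because MatchString, like a JSON Schema pattern, matches anywhere in the string.
var (
	asWritten = regexp.MustCompile(`\w+(\.\w+)*`)
	anchored  = regexp.MustCompile(`^\w+(\.\w+)*$`)
	supported = map[string]bool{"Deployment": true, "StatefulSet": true, "Pod": true,
		"ReplicaSet": true, "DaemonSet": true, "Job": true, "CronJob": true}
)

// validateSelector enforces: Kind well-formed and supported, and Name or Selector set.
func validateSelector(s selectorSpec) error {
	if !anchored.MatchString(s.Kind) {
		return fmt.Errorf("kind %q is malformed", s.Kind)
	}
	if base := strings.SplitN(s.Kind, ".", 2)[0]; !supported[base] {
		return fmt.Errorf("kind %q is not a supported workload kind", base)
	}
	if s.Name == "" && !s.HasSelector {
		// A nil Selector converts to a match-all selector, so reject it here.
		return fmt.Errorf("one of name or selector is required")
	}
	return nil
}

func main() {
	for _, s := range []selectorSpec{ // constructed sample inputs
		{Kind: "Deployment.v1.apps", Name: "web"},
		{Kind: "Deployment"},
		{Kind: "Deployment v1!", Name: "web"},
		{Kind: "Secret", HasSelector: true},
	} {
		fmt.Printf("%+v -> %v (as written: %v)\n", s, validateSelector(s), asWritten.MatchString(s.Kind))
	}
}
```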

type WorkloadStatus

type WorkloadStatus struct {

	// Kind Version Namespace Name identify the specific workload.
	//+kubebuilder:validation:Enum=Pod;Deployment;StatefulSet;ReplicaSet;DaemonSet;Job;CronJob
	Kind      string `json:"kind,omitempty,"`
	Version   string `json:"version,omitempty,"`
	Namespace string `json:"namespace,omitempty,"`
	Name      string `json:"name,omitempty,"`

	// Conditions show the status of the AuthProxyWorkload resource on this
	// matching workload.
	//
	// The "UpToDate" condition indicates that the proxy was successfully
	// applied to all matching workloads. See ConditionUpToDate.
	Conditions []*metav1.Condition `json:"conditions"`
}

WorkloadStatus presents the status for how this AuthProxyWorkload resource was applied to a specific workload.

func (*WorkloadStatus) DeepCopy

func (in *WorkloadStatus) DeepCopy() *WorkloadStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadStatus.

func (*WorkloadStatus) DeepCopyInto

func (in *WorkloadStatus) DeepCopyInto(out *WorkloadStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
