controller

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 18, 2023 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Overview

Package controller holds logic that interacts with the kubernetes API to reconcile the AuthProxyWorkload custom resources.

This follows the kubebuilder pattern for defining custom resources.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func InitScheme 

func InitScheme(scheme *runtime.Scheme)

InitScheme was moved out of ../main.go to here so that it can be invoked from the testintegration tests AND from the actual operator.

func RegisterPodWebhook 

func RegisterPodWebhook(mgr ctrl.Manager, u *workload.Updater) error

RegisterPodWebhook register the webhook to mutate pods

func SetupManagers 

func SetupManagers(mgr manager.Manager, userAgent string) error

SetupManagers was moved out of ../main.go to here so that it can be invoked from the testintegration tests AND from the actual operator.

Types

type AuthProxyWorkloadReconciler 

type AuthProxyWorkloadReconciler struct {
	client.Client
	Scheme *runtime.Scheme
	// contains filtered or unexported fields
}

AuthProxyWorkloadReconciler reconciles a AuthProxyWorkload object

func NewAuthProxyWorkloadReconciler 

func NewAuthProxyWorkloadReconciler(mgr ctrl.Manager, u *workload.Updater) (*AuthProxyWorkloadReconciler, error)

NewAuthProxyWorkloadManager constructs an AuthProxyWorkloadReconciler

func (*AuthProxyWorkloadReconciler) Reconcile 

func (r *AuthProxyWorkloadReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Reconcile updates the state of the cluster so that AuthProxyWorkload instances have their configuration reflected correctly on workload PodSpec configuration. This reconcile loop runs when an AuthProxyWorkload is added, modified or deleted. It updates annotations on matching workloads indicating those workload that need to be updated.

As this controller's Reconcile() function patches the annotations on workloads, the PodAdmissionWebhook.Handle() method is called by k8s api, which is where the PodSpec is modified to match the AuthProxyWorkload configuration.

This function can only make one update to the AuthProxyWorkload per loop, so it is written like a state machine. It will quickly do a single update, often to the status, and then return. Sometimes it instructs the controller runtime to quickly requeue another call to Reconcile, so that it can further process the AuthProxyWorkload. It often takes several calls to Reconcile() to finish the reconcilliation of a single change to an AuthProxyWorkload.

For more details, check Reconcile and its Result here: https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.12.1/pkg/reconcile

func (*AuthProxyWorkloadReconciler) SetupWithManager 

func (r *AuthProxyWorkloadReconciler) SetupWithManager(mgr ctrl.Manager) error

SetupWithManager adds this AuthProxyWorkload controller to the controller-runtime manager.

type PodAdmissionWebhook 

type PodAdmissionWebhook struct {
	Client client.Client
	// contains filtered or unexported fields
}

PodAdmissionWebhook implementation of a controller-runtime webhook for all supported workload types: Deployment, ReplicaSet, StatefulSet, Pod, CronJob, Job

func (*PodAdmissionWebhook) Handle 

func (a *PodAdmissionWebhook) Handle(ctx context.Context, req admission.Request) admission.Response

Handle is the MutatingWebhookController implemnentation which will update the proxy sidecars on all workloads to match the AuthProxyWorkload config.

func (*PodAdmissionWebhook) InjectDecoder 

func (a *PodAdmissionWebhook) InjectDecoder(d *admission.Decoder) error

InjectDecoder Dependency injection required by KubeBuilder controller runtime.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.