controller

package
v1.4.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 21, 2024 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Overview

Package controller holds logic that interacts with the kubernetes API to reconcile the AuthProxyWorkload custom resources.

This follows the kubebuilder pattern for defining custom resources.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func InitScheme

func InitScheme(scheme *runtime.Scheme)

InitScheme was moved out of ../main.go to here so that it can be invoked from the testintegration tests AND from the actual operator.

func RegisterPodWebhook

func RegisterPodWebhook(mgr ctrl.Manager, u *workload.Updater) error

RegisterPodWebhook register the webhook to mutate pods

func SetupManagers

func SetupManagers(mgr manager.Manager, userAgent, defaultProxyImage string) error

SetupManagers was moved out of ../main.go here so that it can be invoked from the testintegration tests AND from the actual operator.

Types

type AuthProxyWorkloadReconciler

type AuthProxyWorkloadReconciler struct {
	client.Client
	Scheme *runtime.Scheme
	// contains filtered or unexported fields
}

AuthProxyWorkloadReconciler reconciles a AuthProxyWorkload object

func NewAuthProxyWorkloadReconciler

func NewAuthProxyWorkloadReconciler(mgr ctrl.Manager, u *workload.Updater) (*AuthProxyWorkloadReconciler, error)

NewAuthProxyWorkloadManager constructs an AuthProxyWorkloadReconciler

func (*AuthProxyWorkloadReconciler) Reconcile

Reconcile updates the state of the cluster so that AuthProxyWorkload instances have their configuration reflected correctly on workload PodSpec configuration. This reconcile loop runs when an AuthProxyWorkload is added, modified or deleted. It updates annotations on matching workloads indicating those workload that need to be updated.

As this controller's Reconcile() function patches the annotations on workloads, the PodAdmissionWebhook.Handle() method is called by k8s api, which is where the PodSpec is modified to match the AuthProxyWorkload configuration.

This function can only make one update to the AuthProxyWorkload per loop, so it is written like a state machine. It will quickly do a single update, often to the status, and then return. Sometimes it instructs the controller runtime to quickly requeue another call to Reconcile, so that it can further process the AuthProxyWorkload. It often takes several calls to Reconcile() to finish the reconcilliation of a single change to an AuthProxyWorkload.

For more details, check Reconcile and its Result here: https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.12.1/pkg/reconcile

func (*AuthProxyWorkloadReconciler) SetupWithManager

func (r *AuthProxyWorkloadReconciler) SetupWithManager(mgr ctrl.Manager) error

SetupWithManager adds this AuthProxyWorkload controller to the controller-runtime manager.

type PodAdmissionWebhook

type PodAdmissionWebhook struct {
	Client client.Client
	// contains filtered or unexported fields
}

PodAdmissionWebhook implementation of a controller-runtime webhook for all supported workload types: Deployment, ReplicaSet, StatefulSet, Pod, CronJob, Job

func (*PodAdmissionWebhook) Handle

Handle is the MutatingWebhookController implemnentation which will update the proxy sidecars on all workloads to match the AuthProxyWorkload config.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL