utils

package
v0.0.0-...-4a19bfe Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 2, 2022 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Overview

Copyright 2022 The Kubernetes Authors All rights reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Copyright 2022 The Kubernetes Authors All rights reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Copyright 2022 The Kubernetes Authors All rights reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

View Source 
const (
	// KubeSystem ...
	KubeSystem = "kube-system"
	// ConfigMapKind ...
	ConfigMapKind = "ConfigMap"
	// IngressKind ...
	IngressKind = "Ingress"

	// IKSConfigMapName contains name of the configmap used to configure the legacy ingress controller
	IKSConfigMapName = "ibm-cloud-provider-ingress-cm"
	// K8sConfigMapName contains name of the original configmap used to configure the community ingress controller (created by ingress-microservice)
	K8sConfigMapName = "ibm-k8s-controller-config"
	// TestK8sConfigMapName contains name of the migrated configmap used to configure the community ingress controller (created by migration-tool)
	TestK8sConfigMapName = "ibm-k8s-controller-config-test"

	// MigrationStatusConfigMapName contains name of the configmap used to store the migration status
	MigrationStatusConfigMapName = "ibm-ingress-migration-status"
	// LastUpdatesTimestampParameterName contains name of the parameter associated with timestamp of the last update in the status configmap
	LastUpdatesTimestampParameterName = "last-updated-timestamp"
	// MigratedResourcesParameterName contains name of the parameter associated with migrated resources in the status configmap
	MigratedResourcesParameterName = "migrated-resources"
	// SubdomainMapParameterName contains name of the parameter associated with mapping of user defined subdomains to generated test subdomains in the status configmap
	SubdomainMapParameterName = "subdomain-map"
	// MigrationModeParameterName contains name of the parameter associated with migration mode in the status configmap
	MigrationModeParameterName = "migration-mode"

	// IngressClassAnnotation contains the name of the annotation used to specify class of the ingress resource
	IngressClassAnnotation = "kubernetes.io/ingress.class"
	// PublicIngressClass is applied on ingress resources  when migration-tool is running in prod mode and migrated ingress resource
	// did not have ALB-ID annotation,or ALB-ID contained public ALB IDs only
	PublicIngressClass = "public-iks-k8s-nginx"
	// PrivateIngressClass is applied on ingress resources when migration-tool is running in prod mode and migrated ingress resource
	// had ALB-ID annotation with at least one private ALB ID
	PrivateIngressClass = "private-iks-k8s-nginx"
	// TestIngressClass is applied on ingress resources when migration-tool is running in test mode
	TestIngressClass = "test"

	// GenericK8sTCPConfigMapName is the name of the K8s configmap that contains the TCP port configuration for all public community ingress controllers
	GenericK8sTCPConfigMapName = "generic-k8s-ingress-tcp-ports"
	// TCPConfigMapNameSuffix is the name suffix which is used to construct the K8s configmap names that configures the ALB specific TCP port handling
	// for the community ingress controller
	TCPConfigMapNameSuffix = "-k8s-ingress-tcp-ports"

	RazeeSourceURLAnnotation = "razee.io/source-url"
	RazeeBuildURLAnnotation  = "razee.io/build-url"
)
View Source 
const (
	// UnsupportedCMParameter is returned when there is no parser function defined for iks configmap parameter
	UnsupportedCMParameter = "The '%s' parameter could not be migrated."
	// ErrorProcessingCMParameter is returned when processing of a configmap parameter failed with an error
	ErrorProcessingCMParameter = "The '%s' parameter failed to process and could not be migrated."
	// SSLDHParamFile is returned when the IKS ConfigMap contains the ssl-dhparam-file parameter
	SSLDHParamFile = "" /* 202-byte string literal not displayed */

	// ErrorCreatingIngressResources is returned when createIngressResources function returns error(s)
	ErrorCreatingIngressResources = "Error(s) occurred while creating the migrated Ingress resources."
	// ALBSelection is returned when ingress resource has 'ingress.bluemix.net/ALB-ID' annotation
	ALBSelection = "" /* 839-byte string literal not displayed */
	// CustomErrorsWarning is returned when ingress resource has 'ingress.bluemix.net/custom-errors' annotation
	CustomErrorsWarning = "" /* 208-byte string literal not displayed */
	// CustomErrorActionsWarning is returned when ingress resource has 'ingress.bluemix.net/custom-error-actions' annotation
	CustomErrorActionsWarning = "" /* 215-byte string literal not displayed */
	// UpstreamMaxFailsWarning is returned when ingress resource has 'ingress.bluemix.net/upstream-max-fails' annotation
	UpstreamMaxFailsWarning = "" /* 157-byte string literal not displayed */
	// ProxyExternalServiceWarning is returned when ingress resource has 'ingress.bluemix.net/proxy-external-service' annotation
	ProxyExternalServiceWarning = "" /* 460-byte string literal not displayed */
	// ProxyBusyBuffersSizeWarning is returned when ingress resource has 'ingress.bluemix.net/proxy-busy-buffers-size' annotation
	ProxyBusyBuffersSizeWarning = "" /* 268-byte string literal not displayed */
	// AddHostPortWarning is returned when ingress resource has 'ingress.bluemix.net/add-host-port' annotation
	AddHostPortWarning = "" /* 390-byte string literal not displayed */
	// IAMUIAuthWarning is returned when ingress resource has 'ingress.bluemix.net/iam-ui-auth' annotation
	IAMUIAuthWarning = "" /* 160-byte string literal not displayed */
	// StickyCookieServicesWarningNoSecure is returned when the 'secure' parameter is not included in 'ingress.bluemix.net/sticky-cookie-services'
	StickyCookieServicesWarningNoSecure = "" /* 353-byte string literal not displayed */
	// StickyCookieServicesWarningNoHttponly is returned when the 'httponly' parameter is not included in 'ingress.bluemix.net/sticky-cookie-services'
	StickyCookieServicesWarningNoHttponly = "" /* 360-byte string literal not displayed */
	// MutualAuthWarningCustomPort is returned when the 'port' parameter in 'ingress.bluemix.net/mutual-auth' is other than 443
	MutualAuthWarningCustomPort = "" /* 348-byte string literal not displayed */
	// TCPPortWarningWithALBID is returned in production mode when the Ingress has 'ingress.bluemix.net/tcp-ports' and ingress.bluemix.net/ALB-ID' annotations
	TCPPortWarningWithALBID = "" /* 483-byte string literal not displayed */
	// TCPPortWarningWithoutALBID is returned when the Ingress has 'ingress.bluemix.net/tcp-ports' but no ingress.bluemix.net/ALB-ID' annotations
	TCPPortWarningWithoutALBID = "" /* 419-byte string literal not displayed */
	// TCPPortWarningWithALBIDTest is returned in test/test-with-private mode when the Ingress has 'ingress.bluemix.net/tcp-ports' and ingress.bluemix.net/ALB-ID' annotations
	TCPPortWarningWithALBIDTest = "" /* 544-byte string literal not displayed */
	// TCPPortWarningWithoutALBIDTest is returned in test/test-with-private mode when the Ingress has 'ingress.bluemix.net/tcp-ports' but no ingress.bluemix.net/ALB-ID' annotations
	TCPPortWarningWithoutALBIDTest = "" /* 499-byte string literal not displayed */
	// UpstreamKeepaliveWarning is returned when ingress resource has 'ingress.bluemix.net/upstream-keepalive' annotation
	UpstreamKeepaliveWarning = "" /* 290-byte string literal not displayed */
	// UpstreamKeepaliveTimeoutWarning is returned when ingress resource has 'ingress.bluemix.net/upstream-keepalive-timeout' annotation
	UpstreamKeepaliveTimeoutWarning = "" /* 279-byte string literal not displayed */
	// UpstreamFailTimeoutWarning is returned when ingress resource has 'ingress.bluemix.net/upstream-fail-timeout' annotation
	UpstreamFailTimeoutWarning = "" /* 160-byte string literal not displayed */
	// AppIDAuthEnableAddon is returned when ingress resource has 'ingress.bluemix.net/appid-auth' annotation
	AppIDAuthEnableAddon = "" /* 320-byte string literal not displayed */
	// AppIDAuthAddCallbacks is returned when ingress resource has 'ingress.bluemix.net/appid-auth' annotation
	AppIDAuthAddCallbacks = "" /* 293-byte string literal not displayed */
	// AppIDAuthDifferentNamespace is returned when the namespace of the ingress resource and the namespace of the appid binding secret differ
	AppIDAuthDifferentNamespace = "" /* 461-byte string literal not displayed */
	// AppIDAuthConfigSnippetConflict is returned when the appid-related config could not be appended to the currently existing configuration-snippet because it would cause conflicts
	AppIDAuthConfigSnippetConflict = "" /* 263-byte string literal not displayed */
	// RewritesWarning is returned when an ingress resource have 'ingress.bluemix.net/rewrite-path' annotation
	RewritesWarning = "" /* 320-byte string literal not displayed */
	// LocationModifierWarning is returned when an ingress resource have 'ingress.bluemix.net/location-modifier' annotation and any of the location modifiers equal to the case sensitive location modifier
	LocationModifierWarning = "" /* 325-byte string literal not displayed */
	// HSTSWarning is returned when an ingress resource has the ingress.bluemix.net/hsts annotation
	HSTSWarning = "" /* 505-byte string literal not displayed */
	// CustomPortWarning is returned when ingress resource has 'ingress.bluemix.net/custom-port' annotation
	CustomPortWarning = "" /* 237-byte string literal not displayed */
	//LocationModifierGenericWarning is returned when the ingress resource has such a value in the 'ingress.bluemix.net/location-modifier' annotation which is not supported by the Kubernetes Ingress Controller
	LocationModifierGenericWarning = "" /* 375-byte string literal not displayed */
	//SSLServicesSecretWarning is returned when the ingress resource has a secret value in the 'ingress.bluemix.net/ssl-services' annotation and the content of the secret may not be appropriate
	// #nosec G101
	SSLServicesSecretWarning = "" /* 214-byte string literal not displayed */
)

Variables

View Source 
var (

	// TestDomain contains the test subdomain to use when migrating ingress resources (used only in test mode)
	TestDomain = ""
	// TestSecret contains the test secret to use when migrating ingress resources (used only in test mode)
	TestSecret = ""

	// ReadOnly specifies whether migration tool should create new / update or delete existing resources on the target cluster
	ReadOnly = true

	// DumpResources specifies whether migration tool should dump the resource YAMLs or not
	DumpResources = true
)

Functions

func CreateOrUpdateTCPPortsCM 

func CreateOrUpdateTCPPortsCM(kc KubeClient, cmName string, namespace string, data map[string]string, logger *zap.Logger) error

func DumpYAML 

func DumpYAML(dumpdir string, resourceMap interface{}) error

func GenerateTestSubdomain 

func GenerateTestSubdomain(testSubdomainBase, hostname string, randomString string, subdomainMap map[string]string) string

GenerateTestSubdomain returns a test subdomain based on the provided test subdomain base, hostname and random function the second returned parameter shows wethere the hostname is a conflicting wildcard subdomain

func GetIngressSvcs 

func GetIngressSvcs(ingressSpec networking.IngressSpec) []string

func GetKubeClient 

func GetKubeClient(kubeConfigPath string, logger *zap.Logger) (*clientset.Clientset, error)

func GetMode 

func GetMode() string

GetMode returns name of the current running mode

func GetZapLogger 

func GetZapLogger(dumpDir string) (*zap.Logger, error)

func IngressClassEquals 

func IngressClassEquals(i1 networking.Ingress, i2 networking.Ingress) bool

IngressClassEquals returns true if the ingress class of the provided ingress resources match i1 must define IngressClass annotation

func IngressInArray 

func IngressInArray(ingress networking.Ingress, ingressArray []networking.Ingress, match func(networking.Ingress, networking.Ingress) bool) bool

IngressInArray returns true if the provided 'ingress' matches to at least one element of the 'ingressArray' based on criteria defined in 'match' function

func IngressNameNamespaceEquals 

func IngressNameNamespaceEquals(i1 networking.Ingress, i2 networking.Ingress) bool

IngressNameNamespaceEquals returns true if names and namespaces of the provided ingress resources match i1 must define Name and Namespace defined

func IngressVersionAvailable 

func IngressVersionAvailable(client clientset.Interface, logger *zap.Logger) (bool, bool, bool)

NetworkingIngressAvailable checks if the package "k8s.io/api/networking/v1beta1" is available or not Also it checks whether enhanced Ingress features are available or not (API version >= 1.18) Also it checks whether v1 Ingress API is available or not (API version >= 1.19)

func ItemInSlice 

func ItemInSlice(needle string, hay []string) bool

ItemInSlice returns true if the specified slice contains the specified item

func KeyInMap 

func KeyInMap(needle string, haystack map[string]string) bool

KeyInMap returns true if the specified map contains the specified key

func LoadKubeConfig 

func LoadKubeConfig(path string) (*clientcmdapi.Config, error)

func LoadTemplate 

func LoadTemplate(templateName string, lgr *zap.Logger) (*template.Template, error)

func LookupSecret 

func LookupSecret(kc KubeClient, secretName, namespace string, logger *zap.Logger) (*v1.Secret, error)

func ParseALBIDList 

func ParseALBIDList(albIDList string) (albIDArray []string)

func PathOrDefault 

func PathOrDefault(path string) string

func PrintStatus 

func PrintStatus(dumpDir string, kubeConfigPath string, statusCM v1.ConfigMap) error

func RandomString 

func RandomString(length int) (string, error)

RandomString returns a random string with the specified length

func StringToPtr 

func StringToPtr(val string) *string

StringToPtr converts a string to a string pointer

func TrimWhiteSpaces 

func TrimWhiteSpaces(s []string) []string

TrimWhiteSpaces returns with a new string slice containing only non-empty items that have no leading and trailing whitespaces

func UpdateProxySecret 

func UpdateProxySecret(kc KubeClient, secretName, namespace string, logger *zap.Logger) (secret *v1.Secret, warnings []string, err error)

func ValueInMap 

func ValueInMap(needle string, haystack map[string]string) bool

ValueInMap returns true if the specified map contains the specified value

Types

type ALBConfigData 

type ALBConfigData struct {
	IngressToCMData IngressToCM
}

type ALBSpecificData 

type ALBSpecificData map[string]*ALBConfigData

ALBSpecificData is to store the ALB instance specific configuration data that shall be migrated so, that the result can be applied on selected K8s ingress controllers only The key is the ALB-ID

func MergeALBSpecificData 

func MergeALBSpecificData(albSpecificData ALBSpecificData, ingressToCM IngressToCM, albIDList string, logger *zap.Logger) (ALBSpecificData, error)

type IngressConfig 

type IngressConfig struct {
	// Name, namespace, resource version
	IngressObj metav1.ObjectMeta
	// tls host and secret
	IngressSpec networking.IngressSpec

	IngressClass string
	Servers      []Server
}

type IngressToCM 

type IngressToCM struct {
	// TCPPorts contains the TCP port configurations that shall be applied on the K8s CM which is processed
	// by public ingress controllers
	// Ingress port is used as key
	TCPPorts map[string]*TCPPortConfig
}

IngressToCM is to contain those parameters that are parsed from Ingress resources but should be managed in the K8s CM

type KubeClient 

type KubeClient interface {
	GetConfigMap(name, namespace string) (*v12.ConfigMap, error)
	CreateConfigMap(cm *v12.ConfigMap) error
	IsNetworkingEnabled() bool
	GetClient() *clientset.Clientset
	GetIngressResources() ([]networking.Ingress, error)
	CreateOrUpdateIngress(ing networking.Ingress) error
	CreateOrUpdateStatusCm(migrationMode string, migratedResources []model.MigratedResource, subdomainMap map[string]string) error
	DeleteStatusCm() error
	UpdateConfigmap(cm *v12.ConfigMap) error
	IsIngressEnhancementsEnabled() bool
	GetSecret(name, namespace string) (*v12.Secret, error)
	UpdateSecret(secret *v12.Secret) error
	GetIngressContainer() map[string]map[string]networkingv1.Ingress
	GetConfigMapContainer() map[string]map[string]v12.ConfigMap
	GetSecretContainer() map[string]map[string]v12.Secret
}

func NewKubeClient 

func NewKubeClient(kubeConfigPath string, readOnly bool, recordResources bool, logger *zap.Logger) (KubeClient, error)

type Location 

type Location struct {
	// based off of v1beta1/types/HTTPIngressRuleValue
	Path        string
	PathType    *networking.PathType
	ServiceName string
	ServicePort intstr.IntOrString

	Annotations LocationAnnotations
}

type LocationAnnotations 

type LocationAnnotations struct {
	Rewrite                  string
	RedirectToHTTPS          bool
	LocationSnippet          []string
	ClientMaxBodySize        string
	ProxyBufferSize          string
	ProxyBuffering           string
	ProxyBuffers             string
	ProxyReadTimeout         string
	ProxyConnectTimeout      string
	ProxySSLSecret           string
	ProxySSLVerifyDepth      string
	ProxySSLName             string
	ProxySSLVerify           string
	ProxyNextUpstreamTries   string
	ProxyNextUpstreamTimeout string
	ProxyNextUpstream        string
	SetStickyCookie          bool
	StickyCookieName         string
	StickyCookieExpire       string
	StickyCookiePath         string
	AppIDAuthURL             string
	AppIDSignInURL           string
	UseRegex                 bool
}

type Server 

type Server struct {
	HostName    string
	Locations   []Location
	Annotations ServerAnnotations
}

type ServerAnnotations 

type ServerAnnotations struct {
	ServerSnippet        []string
	SetMutualAuth        bool
	MutualAuthSecretName string
}

type SingleIngressConfig 

type SingleIngressConfig struct {
	// IngressObject
	IngressObj metav1.ObjectMeta

	// Servers
	HostNames []string

	// TLS secrets and hostnames
	TLSConfigs []TLSConfig

	// Location
	Path        string
	PathType    string
	ServiceName string
	ServicePort string

	IngressClass        string
	LocationAnnotations LocationAnnotations
	ServerAnnotations   ServerAnnotations
	IsServerConfig      bool
}

type TCPPortConfig 

type TCPPortConfig struct {
	ServiceName string
	Namespace   string
	ServicePort string
}

TCPPortConfig contains the information about a backend service which is needed to build a TCP stream CM config for the K8s ingress controller

type TLSConfig 

type TLSConfig struct {
	HostNames []string
	Secret    string
}

type TestKClient 

type TestKClient struct {
	IksCm                      *v1.ConfigMap
	T                          *testing.T
	K8sCm                      *v1.ConfigMap
	ExpectedK8sCm              *v1.ConfigMap
	IngressList                []networking.Ingress
	CreateIngressList          []networking.Ingress
	V1IngressList              []networkingv1.Ingress
	CreateV1IngressList        []networkingv1.Ingress
	GetIngressErr              error
	StatusCmErr                error
	ExpectedResourceInfo       []model.MigratedResource
	ExpectedSubdomainMap       map[string]string
	ExpectedMigrationMode      string
	CreateIngErr               error
	K8STCPCMList               []*v1.ConfigMap
	GetIKSCMErr                error
	GetK8STCPCMErr             map[string]error
	CalledOp                   []string
	CMData                     map[string]map[string]string
	IngressEnhancementsEnabled bool
	Secret                     *v1.Secret
	UpdatedSecret              *v1.Secret
	GetSecretErr               error
	GetNamespace               string
	ReferenceSecretInDefaultNS bool
	V1IngressOnly              bool
}

func (*TestKClient) CreateConfigMap 

func (k *TestKClient) CreateConfigMap(cm *v1.ConfigMap) error

func (*TestKClient) CreateOrUpdateIngress 

func (k *TestKClient) CreateOrUpdateIngress(ing networking.Ingress) error

func (*TestKClient) CreateOrUpdateStatusCm 

func (k *TestKClient) CreateOrUpdateStatusCm(migrationModeUpdate string, migratedResourcesUpdate []model.MigratedResource, subdomainMapUpdate map[string]string) error

func (*TestKClient) DeleteStatusCm 

func (k *TestKClient) DeleteStatusCm() error

func (*TestKClient) GetClient 

func (k *TestKClient) GetClient() *clientset.Clientset

func (*TestKClient) GetConfigMap 

func (k *TestKClient) GetConfigMap(name, namespace string) (*v1.ConfigMap, error)

func (*TestKClient) GetConfigMapContainer 

func (k *TestKClient) GetConfigMapContainer() map[string]map[string]v1.ConfigMap

func (*TestKClient) GetIngressContainer 

func (k *TestKClient) GetIngressContainer() map[string]map[string]networkingv1.Ingress

func (*TestKClient) GetIngressResources 

func (k *TestKClient) GetIngressResources() ([]networking.Ingress, error)

func (*TestKClient) GetSecret 

func (k *TestKClient) GetSecret(name, namespace string) (*v1.Secret, error)

func (*TestKClient) GetSecretContainer 

func (k *TestKClient) GetSecretContainer() map[string]map[string]v1.Secret

func (*TestKClient) IsIngressEnhancementsEnabled 

func (k *TestKClient) IsIngressEnhancementsEnabled() bool

func (*TestKClient) IsNetworkingEnabled 

func (k *TestKClient) IsNetworkingEnabled() bool

func (*TestKClient) UpdateConfigmap 

func (k *TestKClient) UpdateConfigmap(cm *v1.ConfigMap) error

func (*TestKClient) UpdateSecret 

func (k *TestKClient) UpdateSecret(secret *v1.Secret) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.