k8s

package
v0.1.24-mps Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 26, 2023 License: MIT Imports: 38 Imported by: 0

Documentation

Index

Constants

View Source
const EnvProcessName = "fprocess"

EnvProcessName is the name of the env variable containing the function process

View Source
const (

	// LogBufferSize number of log messages that may be buffered
	LogBufferSize = 500 * 2
)
View Source
const SecurityContextUserID = int64(12000)

nonRootFunctionuserID is the user id that is set when DeployHandlerConfig.SetNonRootUser is true. value >10000 per the suggestion from https://kubesec.io/basics/containers-securitycontext-runasuser/

Variables

This section is empty.

Functions

func AsFunctionStatus

func AsFunctionStatus(item appsv1.Deployment) *types.FunctionStatus

AsFunctionStatus reads a Deployment object into an OpenFaaS FunctionStatus, parsing the Deployment and Container spec into a simplified summary of the Function

func FilterActivePods added in v0.1.23

func FilterActivePods(pods []*corev1.Pod) []*corev1.Pod

func GenerateRangeNum added in v0.1.23

func GenerateRangeNum(min, max int) int

func GetLogs

func GetLogs(ctx context.Context, client kubernetes.Interface, functionName, namespace string, tail int64, since *time.Time, follow bool) (<-chan Log, error)

GetLogs returns a channel of logs for the given function

func IsNotFound

func IsNotFound(err error) bool

isNotFound tests if the error is a kubernetes API error that indicates that the object was not found or does not exist

func IsPodActive added in v0.1.23

func IsPodActive(p *corev1.Pod) bool

func ReadFunctionSecretsSpec

func ReadFunctionSecretsSpec(item appsv1.Deployment) []string

ReadFunctionSecretsSpec parses the name of the required function secrets. This is the inverse of ConfigureSecrets.

Types

type ChangeType added in v0.1.22

type ChangeType int
const (
	Inc ChangeType = 2
	Dec ChangeType = 0
	Sta ChangeType = 1
)

type ContainerPool added in v0.1.22

type ContainerPool struct {
	// contains filtered or unexported fields
}

may not defined here

type DeploymentConfig

type DeploymentConfig struct {
	RuntimeHTTPPort int32
	HTTPProbe       bool
	ReadinessProbe  *ProbeConfig
	LivenessProbe   *ProbeConfig
	ImagePullPolicy string
	// SetNonRootUser will override the function image user to ensure that it is not root. When
	// true, the user will set to 12000 for all functions.
	SetNonRootUser bool
	// ProfilesNamespace defines which namespace is used to look up available Profiles.
	ProfilesNamespace string
}

DeploymentConfig holds the global deployment options

type FunctionFactory

type FunctionFactory struct {
	Client kubernetes.Interface
	Config DeploymentConfig
}

NamespacedProfiler is a subset of the v1.ProfileLister that is needed for the function factory to support Profiles

type NamespacedProfiler interface {
	Profiles(namespace string) v1.ProfileNamespaceLister
}

FunctionFactory is handling Kubernetes operations to materialise functions into deployments and services

func NewFunctionFactory

func NewFunctionFactory(clientset kubernetes.Interface, config DeploymentConfig) FunctionFactory

func (*FunctionFactory) ConfigureContainerUserID

func (f *FunctionFactory) ConfigureContainerUserID(deployment *appsv1.Deployment)

ConfigureContainerUserID sets the UID to 12000 for the function Container. Defaults to user specified in image metadata if `SetNonRootUser` is `false`. Root == 0.

func (*FunctionFactory) ConfigureReadOnlyRootFilesystem

func (f *FunctionFactory) ConfigureReadOnlyRootFilesystem(request sharepod.SharepodDeployment, deployment *appsv1.Deployment)

ConfigureReadOnlyRootFilesystem will create or update the required settings and mounts to ensure that the ReadOnlyRootFilesystem setting works as expected, meaning:

  1. when ReadOnlyRootFilesystem is true, the security context of the container will have ReadOnlyRootFilesystem also marked as true and a new `/tmp` folder mount will be added to the deployment spec
  2. when ReadOnlyRootFilesystem is false, the security context of the container will also have ReadOnlyRootFilesystem set to false and there will be no mount for the `/tmp` folder

This method is safe for both create and update operations.

func (*FunctionFactory) ConfigureSecrets

func (f *FunctionFactory) ConfigureSecrets(request types.FunctionDeployment, deployment *appsv1.Deployment, existingSecrets map[string]*apiv1.Secret) error

ConfigureSecrets will update the Deployment spec to include secrets that have been deployed in the kubernetes cluster. For each requested secret, we inspect the type and add it to the deployment spec as appropriate: secrets with type `SecretTypeDockercfg/SecretTypeDockerjson` are added as ImagePullSecrets all other secrets are mounted as files in the deployments containers.

func (*FunctionFactory) MakeProbes

MakeProbes returns the liveness and readiness probes by default the health check runs `cat /tmp/.lock` every ten seconds

type FunctionLookup

type FunctionLookup struct {
	DefaultNamespace string
	//EndpointLister   corelister.EndpointsLister
	//endpoint lister may not needed for custom version
	FaasLister faas.SharePodLister
	PodLister  corelister.PodLister

	RateRep bool

	Database *gcache.Cache
	//DB *buntdb.DB
	//redispool redis.Pool
	CeleryClient *gocelery.CeleryClient
	// contains filtered or unexported fields
}

func NewFunctionLookup

func NewFunctionLookup(ns string, podLister corelister.PodLister, faasLister faas.SharePodLister, db *gcache.Cache) *FunctionLookup

func (*FunctionLookup) AddFunc added in v0.1.22

func (l *FunctionLookup) AddFunc(funcname string)

func (*FunctionLookup) DeleteFunction added in v0.1.22

func (l *FunctionLookup) DeleteFunction(name string)

func (*FunctionLookup) DeletePodInfo added in v0.1.23

func (l *FunctionLookup) DeletePodInfo(funcName string, podName string)

func (*FunctionLookup) GetLister

func (l *FunctionLookup) GetLister() ShareLister

extension to moultiple namespaces

func (*FunctionLookup) GetSHRLister

func (l *FunctionLookup) GetSHRLister() faas.SharePodLister

func (*FunctionLookup) Insert added in v0.1.22

func (l *FunctionLookup) Insert(shrName string, podName string, podIp string)

func (*FunctionLookup) Resolve

func (l *FunctionLookup) Resolve(name string, suffix string) (url.URL, string, error)

func (*FunctionLookup) ScaleDown added in v0.1.23

func (l *FunctionLookup) ScaleDown(funtionName string)

func (*FunctionLookup) ScaleUp added in v0.1.23

func (l *FunctionLookup) ScaleUp(funtionName string)

func (*FunctionLookup) SetLister

func (l *FunctionLookup) SetLister(lister ShareLister)

func (*FunctionLookup) Update added in v0.1.22

func (l *FunctionLookup) Update(duration time.Duration, functionName string, podName string, kube clientset.Interface, timeout bool)

func (*FunctionLookup) UpdatePossiTimeOut added in v0.1.23

func (l *FunctionLookup) UpdatePossiTimeOut(possi bool, functionName string, podName string)

func (*FunctionLookup) UpdateReplica added in v0.1.23

func (l *FunctionLookup) UpdateReplica(kube clientset.Interface, namepsace string, shrName string, invoke int32)

type Log

type Log struct {
	// Text is the log message itself
	Text string `json:"text"`

	// Namespace of the pod
	Namespace string `json:"namespace"`

	// PodName of the instance
	PodName string `json:"podName"`

	// FunctionName of the pod
	FunctionName string `json:"FunctionName"`

	// Timestamp of the message
	Timestamp time.Time `json:"timestamp"`
}

Log is the object which will be used together with the template to generate the output.

type LogRequestor

type LogRequestor struct {
	// contains filtered or unexported fields
}

LogRequestor implements the Requestor interface for k8s

func NewLogRequestor

func NewLogRequestor(client kubernetes.Interface, functionNamespace string) *LogRequestor

NewLogRequestor returns a new logs.Requestor that uses kail to select and follow pod logs

func (LogRequestor) Query

func (l LogRequestor) Query(ctx context.Context, r logs.Request) (<-chan logs.Message, error)

Query implements the actual Swarm logs request logic for the Requestor interface This implementation ignores the r.Limit value because the OF-Provider already handles server side line limits.

type PodInfo added in v0.1.22

type PodInfo struct {
	PodName          string
	PodIp            string
	ServiceName      string
	AvgResponseTime  time.Duration
	LastResponseTime time.Duration
	TotalInvoke      int32
	LastInvoke       time.Time
	Rate             float32
	//
	RateChange   ChangeType
	PossiTimeout bool
	Timeout      bool
}

type PodsWithInfos added in v0.1.22

type PodsWithInfos struct {
	//Pods     []PodInfo
	Pods []*v1.Pod

	Now metav1.Time
	// contains filtered or unexported fields
}

func (PodsWithInfos) Len added in v0.1.22

func (s PodsWithInfos) Len() int

func (PodsWithInfos) Less added in v0.1.22

func (s PodsWithInfos) Less(i, j int) bool

func (PodsWithInfos) Swap added in v0.1.22

func (s PodsWithInfos) Swap(i, j int)

type ProbeConfig

type ProbeConfig struct {
	InitialDelaySeconds int32
	TimeoutSeconds      int32
	PeriodSeconds       int32
}

ProbeConfig holds the deployment liveness and readiness options

type SecretInterfacer

type SecretInterfacer interface {
	// Secrets returns a SecretInterface scoped to the specified namespace
	Secrets(namespace string) typedV1.SecretInterface
}

SecretInterfacer exposes the SecretInterface getter for the k8s client. This is implemented by the CoreV1Interface() interface in the Kubernetes client. The SecretsClient only needs this one interface, but needs to be able to set the namespaces when the interface is instantiated, meaning, we need the Getter and not the SecretInterface itself.

type SecretsClient

type SecretsClient interface {
	// List returns a list of available function secrets.  Only the names are returned
	// to ensure we do not accidentally read or print the sensitive values during
	// read operations.
	List(namespace string) (names []string, err error)
	// Create adds a new secret, with the appropriate labels and structure to be
	// used as a function secret.
	Create(secret types.Secret) error
	// Replace updates the value of a function secret
	Replace(secret types.Secret) error
	// Delete removes a function secret
	Delete(name string, namespace string) error
	// GetSecrets queries Kubernetes for a list of secrets by name in the given k8s namespace.
	// This should only be used if you need access to the actual secret structure/value. Specifically,
	// inside the FunctionFactory.
	GetSecrets(namespace string, secretNames []string) (map[string]*apiv1.Secret, error)
}

SecretsClient exposes the standardized CRUD behaviors for Kubernetes secrets. These methods will ensure that the secrets are structured and labelled correctly for use by the OpenFaaS system.

func NewSecretsClient

func NewSecretsClient(kube kubernetes.Interface) SecretsClient

NewSecretsClient constructs a new SecretsClient using the provided Kubernetes client.

type ShareLister

type ShareLister struct {
	// contains filtered or unexported fields
}

type SharePodInfo added in v0.1.22

type SharePodInfo struct {
	ScaleDown   bool
	TotalInvoke int32
	//todo make thread safe
	Lock sync.RWMutex
}

type SharepodProbes

type SharepodProbes struct {
	Liveness  *corev1.Probe
	Readiness *corev1.Probe
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL