Documentation ¶
Overview ¶
Package crd provides the store interface to config resources stored as kubernetes custom resource definitions (CRDs).
Index ¶
- func NewStore(u *url.URL) (store.Backend, error)
- func Register(builders map[string]store.Builder)
- type AdmissionController
- type ControllerOptions
- type Store
- func (s *Store) Get(key store.Key) (*store.BackEndResource, error)
- func (s *Store) Init(kinds []string) error
- func (s *Store) List() map[store.Key]*store.BackEndResource
- func (s *Store) OnAdd(obj interface{})
- func (s *Store) OnDelete(obj interface{})
- func (s *Store) OnUpdate(oldObj, newObj interface{})
- func (s *Store) Stop()
- func (s *Store) Watch() (<-chan store.BackendEvent, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type AdmissionController ¶
type AdmissionController struct {
// contains filtered or unexported fields
}
AdmissionController implements the external admission webhook for validation of pilot configuration.
func NewController ¶
func NewController(client kubernetes.Interface, options ControllerOptions) (*AdmissionController, error)
NewController creates a new instance of the admission webhook controller.
func (*AdmissionController) Run ¶
func (ac *AdmissionController) Run(stop <-chan struct{})
Run implements the admission controller run loop.
func (*AdmissionController) ServeHTTP ¶
func (ac *AdmissionController) ServeHTTP(w http.ResponseWriter, r *http.Request)
ServeHTTP implements the external admission webhook.
type ControllerOptions ¶
type ControllerOptions struct { // The name of the resources this controller can admit. ResourceNames []string // ExternalAdmissionWebhookName is the name of the // ValidatingWebhook which describes he external admission // webhook and resources and operations it applies to. ExternalAdmissionWebhookName string // ServiceName is the service name of the webhook. ServiceName string // ServiceNamespace is the namespace of the webhook service. ServiceNamespace string // ValidateNamespaces is a list of names to validate. Any // namespace not in this list is unconditionally validated as // good. This is useful when multiple validators are running in // the same cluster managing different sets of namespaces // (e.g. shared test clusters). Not for production use. ValidateNamespaces []string // SecretName is the name of k8s secret that contains the webhook // server key/cert and corresponding CA cert that signed them. The // server key/cert are used to serve the webhook and the CA cert // is provided to k8s apiserver during admission controller // registration. SecretName string // Port where the webhook is served. Per k8s admission // registration requirements this should be 443 unless there is // only a single port for the service. Port int // RegistrationDelay controls how long admission registration // occurs after the webhook is started. This is used to avoid // potential races where registration completes and k8s apiserver // invokes the webhook before the HTTP server is started. RegistrationDelay time.Duration // Validator defines the actual logic of validating data. Validator store.BackendValidator }
ControllerOptions contains the configuration for the Istio Pilot validation admission controller.
type Store ¶
Store offers store.StoreBackend interface through kubernetes custom resource definitions.
func (*Store) List ¶
func (s *Store) List() map[store.Key]*store.BackEndResource
List implements store.Backend interface.
func (*Store) OnAdd ¶
func (s *Store) OnAdd(obj interface{})
OnAdd implements cache.ResourceEventHandler interface.
func (*Store) OnDelete ¶
func (s *Store) OnDelete(obj interface{})
OnDelete implements cache.ResourceEventHandler interface.