admit

package

v0.0.0-...-fd0897c Latest Latest Go to latest Published: Apr 4, 2018 License: Apache-2.0 Imports: 21 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aerathis/istio

Links

Open Source Insights

Documentation ¶

Index ¶

type AdmissionController
- func NewController(client kubernetes.Interface, options ControllerOptions) (*AdmissionController, error)
- func (ac *AdmissionController) Run(stop <-chan struct{})
- func (ac *AdmissionController) ServeHTTP(w http.ResponseWriter, r *http.Request)
type ControllerOptions

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AdmissionController ¶

type AdmissionController struct {
	// contains filtered or unexported fields
}

AdmissionController implements the external admission webhook for validation of pilot configuration.

func NewController ¶

func NewController(client kubernetes.Interface, options ControllerOptions) (*AdmissionController, error)

NewController creates a new instance of the admission webhook controller.

func (*AdmissionController) Run ¶

func (ac *AdmissionController) Run(stop <-chan struct{})

Run implements the admission controller run loop.

func (*AdmissionController) ServeHTTP ¶

func (ac *AdmissionController) ServeHTTP(w http.ResponseWriter, r *http.Request)

ServeHTTP implements the external admission webhook for validating pilot configuration.

type ControllerOptions ¶

type ControllerOptions struct {
	// Descriptor defines the list of supported configuration model
	// types for Pilot.
	Descriptor model.ConfigDescriptor

	// ExternalAdmissionWebhookName is the name of the
	// ExternalAdmissionHook which describes he external admission
	// webhook and resources and operations it applies to.
	ExternalAdmissionWebhookName string

	// ServiceName is the service name of the webhook.
	ServiceName string

	// ServiceNamespace is the namespace of the webhook service.
	ServiceNamespace string

	// ValidateNamespaces is a list of names to validate. Any
	// namespace not in this list is unconditionally validated as
	// good. This is useful when multiple validators are running in
	// the same cluster managing different sets of namespaces
	// (e.g. shared test clusters).
	ValidateNamespaces []string

	// DomainSuffix is the DNS domain suffix for Istio CRD resources,
	// e.g. cluster.local.
	DomainSuffix string

	// SecretName is the name of k8s secret that contains the webhook
	// server key/cert and corresponding CA cert that signed them. The
	// server key/cert are used to serve the webhook and the CA cert
	// is provided to k8s apiserver during admission controller
	// registration.
	SecretName string

	// Port where the webhook is served. Per k8s admission
	// registration requirements this should be 443 unless there is
	// only a single port for the service.
	Port int

	// RegistrationDelay controls how long admission registration
	// occurs after the webhook is started. This is used to avoid
	// potential races where registration completes and k8s apiserver
	// invokes the webhook before the HTTP server is started.
	RegistrationDelay time.Duration
}

ControllerOptions contains the configuration for the Istio Pilot validation admission controller.

Source Files ¶

View all Source files

admit.go

Directories ¶

Path	Synopsis
testcerts

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL